diff --git a/charts/victoria-metrics-operator-crds/charts/crds/crd.yaml b/charts/victoria-metrics-operator-crds/charts/crds/crd.yaml index 1eb825452..8bb29ef87 120000 --- a/charts/victoria-metrics-operator-crds/charts/crds/crd.yaml +++ b/charts/victoria-metrics-operator-crds/charts/crds/crd.yaml @@ -1 +1 @@ -../../../victoria-metrics-operator/crd.yaml \ No newline at end of file +../../../victoria-metrics-operator/charts/crds/crds/crd.yaml \ No newline at end of file diff --git a/charts/victoria-metrics-operator/CHANGELOG.md b/charts/victoria-metrics-operator/CHANGELOG.md index 4cdbeb793..0e1f84971 100644 --- a/charts/victoria-metrics-operator/CHANGELOG.md +++ b/charts/victoria-metrics-operator/CHANGELOG.md @@ -1,6 +1,11 @@ ## Next release -- Added `securityContext` to the `cleanup` job +**Update node 1**: CRDs generated with `.Values.crds.plain: false` are now specless. For this case operator is fully responsible for VM specs validation. This was done to decrease helm release secret size limit. This change affects `kubectl explain` users and tools, that are rely on CRD specs during input data validation. If this behaviour is not acceptable consider using either `victoria-metrics-operator-crds` chart for CRDs management or set `.Values.crds.plain: true` to use plain CRDs. + +- Added `securityContext` to the `cleanup` job. +- Make CRDs, that are rendered using template, specless. This allows to decrease size of k8s secret significantly. If this option is not acceptable for you consider installing CRDs separately using `victoria-metrics-operator-crds` chart or set `.Values.crds.plain: true` and `.Values.crds.upgrade.enabled: true` to use plain CRDs with upgrade job instead. +- Replaced `.Values.admissionWebhooks.enabledCRDValidation` with `.Values.admissionWebhooks.disabledFor` list of CRD names to disable validation for. This change should not affect anyone, since before condition with `.Values.admissionWebhooks.enabledCRDValidation` was not working at all. +- Added CRDs upgrade job, which is only available only for plain CRDs (`.Values.crds.plain: true`). See [#2334](https://github.com/VictoriaMetrics/helm-charts/issues/2334). ## 0.53.0 diff --git a/charts/victoria-metrics-operator/Chart.yaml b/charts/victoria-metrics-operator/Chart.yaml index 5a2d65585..fec520322 100644 --- a/charts/victoria-metrics-operator/Chart.yaml +++ b/charts/victoria-metrics-operator/Chart.yaml @@ -6,7 +6,7 @@ home: https://github.com/VictoriaMetrics/operator sources: - https://github.com/VictoriaMetrics/helm-charts - https://github.com/VictoriaMetrics/operator -version: 0.53.0 +version: 0.54.0 appVersion: v0.63.0 icon: https://avatars.githubusercontent.com/u/43720803?s=200&v=4 kubeVersion: ">=1.25.0-0" diff --git a/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml b/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml deleted file mode 120000 index 72819fd0f..000000000 --- a/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../crd.yaml \ No newline at end of file diff --git a/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml b/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml new file mode 100644 index 000000000..1b0f84a20 --- /dev/null +++ b/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml @@ -0,0 +1,43143 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlagents.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLAgent + listKind: VLAgentList + plural: vlagents + singular: vlagent + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of replicas + jsonPath: .status.replicas + name: Replica Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VLAgent - is a tiny but brave agent, which helps you collect + logs from various sources and stores them in VictoriaLogs. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLAgentSpec defines the desired state of VLAgent + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: 'ClaimTemplates allows adding additional VolumeClaimTemplates + for VLAgent in Mode: StatefulSet' + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VLAgent to be configured with. + enum: + - default + - json + type: string + logLevel: + description: |- + LogLevel for VLAgent to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vlagent pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + remoteWrite: + description: |- + RemoteWrite list of victoria logs endpoints + for victorialogs it must looks like: http://victoria-logs-single:9428/ + or for cluster different url + https://docs.victoriametrics.com/victorialogs/vlagent/#replication-and-high-availability + items: + description: VLAgentRemoteWriteSpec defines the remote storage configuration + for VmAgent + properties: + bearerTokenPath: + description: Optional bearer auth token to use for -remoteWrite.url + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName: headerValue + items: + type: string + type: array + maxDiskUsage: + description: |- + MaxDiskUsage defines the maximum file-based buffer size in bytes for the given remoteWrite + It overrides global configuration defined at remoteWriteSettings.maxDiskUsagePerURL + x-kubernetes-preserve-unknown-fields: true + oauth2: + description: OAuth2 defines auth configuration + properties: + clientIDFile: + description: ClientIDFile defines path to pre-mounted OAuth2 + client id + type: string + clientIDSecret: + description: ClientIDSecret defines secret or configmap + containing the OAuth2 client id + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientSecretFile: + description: ClientSecretFile defines path to pre-mounted + OAuth2 client secret + type: string + endpointParams: + additionalProperties: + type: string + description: EndpointParams to append to the token URL + type: object + scopes: + description: Scopes used for the token request + items: + type: string + type: array + tokenURL: + description: TokenURL defines URL to fetch the token from + minLength: 1 + type: string + required: + - tokenURL + type: object + proxyURL: + description: 'ProxyURL for -remoteWrite.url. Supported proxies: + http, https, socks5. Example: socks5://proxy:1234' + type: string + sendTimeout: + description: Timeout for sending a single block of data to -remoteWrite.url + (default 1m0s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + tlsConfig: + description: TLSConfig describes tls configuration for remote + write target + properties: + caFile: + description: CAFile defines path to the pre-mounted file + with TLS ca certificate + type: string + caSecretKeyRef: + description: CASecret defines secret reference with tls + CA key by given key + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + certFile: + description: |- + CertFile defines path to the pre-mounted file with TLS certificate + mutually exclusive with CertSecret + type: string + certSecretKeyRef: + description: |- + CertSecret defines secret reference with TLS cert by given key + mutually exclusive with CASecret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: |- + KeyFile defines path to the pre-mounted file with TLS cert key + mutually exclusive with CertSecret + type: string + keySecretKeyRef: + description: CertSecret defines secret reference with TLS + key by given key + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + type: array + remoteWriteSettings: + description: RemoteWriteSettings defines global settings for all remoteWrite + urls. + properties: + flushInterval: + description: Interval for flushing the data to remote storage. + (default 1s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + maxBlockSize: + description: The maximum size of unpacked request to send to remote + storage + x-kubernetes-preserve-unknown-fields: true + maxDiskUsagePerURL: + description: The maximum file-based buffer size in bytes at -remoteWrite.tmpDataPath + x-kubernetes-preserve-unknown-fields: true + queues: + description: The number of concurrent queues + format: int32 + type: integer + showURL: + description: Whether to show -remoteWrite.url in the exported + metrics. It is hidden by default, since it can contain sensitive + auth info + type: boolean + tmpDataPath: + description: |- + Path to directory where temporary data for remote write component is stored (default /vlagent_pq/vlagent-remotewrite-data) + If defined, operator ignores spec.storage field and skips adding volume and volumeMount for pq + type: string + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + StatefulRollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlagent VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlagent service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: StatefulStorage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + syslogSpec: + description: SyslogSpec defines syslog listener configuration + properties: + tcpListeners: + description: TCPListeners defines syslog server TCP listener configuration + items: + description: SyslogTCPListener defines configuration for TCP + syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + tlsConfig: + description: TLSServerConfig defines VictoriaMetrics TLS + configuration for the application's server + properties: + certFile: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecret + type: string + certSecret: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + keyFile: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + keySecret: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - listenPort + type: object + type: array + udpListeners: + description: UDPListeners defines syslog server UDP listener configuration + items: + description: SyslogUDPListener defines configuration for UDP + syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + required: + - listenPort + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - remoteWrite + type: object + status: + description: VLAgentStatus defines the observed state of VLAgent + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + replicas: + description: ReplicaCount Total number of pods targeted by this VLAgent + format: int32 + type: integer + selector: + description: Selector string form of label value set for autoscaling + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLCluster + listKind: VLClusterList + plural: vlclusters + singular: vlcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VLInsert + jsonPath: .spec.vlinsert.replicaCount + name: Insert Count + type: string + - description: replicas of VLStorage + jsonPath: .spec.vlstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VLSelect + jsonPath: .spec.vlselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: VLCluster is fast, cost-effective and scalable logs database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLClusterSpec defines the desired state of VLCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vlinsert and vlselect to build vlstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vlinsert and vlselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VLSelect, VLInsert and VLStorage Pods. + type: string + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vlinsert: + description: VLInsert defines vlinsert component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VLSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + syslogSpec: + description: SyslogSpec defines syslog listener configuration + properties: + tcpListeners: + description: TCPListeners defines syslog server TCP listener + configuration + items: + description: SyslogTCPListener defines configuration for + TCP syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + tlsConfig: + description: TLSServerConfig defines VictoriaMetrics + TLS configuration for the application's server + properties: + certFile: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecret + type: string + certSecret: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + keyFile: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + keySecret: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - listenPort + type: object + type: array + udpListeners: + description: UDPListeners defines syslog server UDP listener + configuration + items: + description: SyslogUDPListener defines configuration for + UDP syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + required: + - listenPort + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vlselect: + description: VLSelect defines vlselect component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VLSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vlstorage: + description: VLStorage defines vlstorage component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored logs + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLStorage to be configured with. + default or json + enum: + - default + - json + type: string + logIngestedRows: + description: Whether to log all the ingested log entries; this + can be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ + type: boolean + logLevel: + description: LogLevel for VLStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: LogNewStreams Whether to log creation of new streams; + this can be useful for debugging of high cardinality issues + with log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields + type: boolean + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored logs + VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored logs + https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + rollingUpdateStrategyBehavior: + description: |- + RollingUpdateStrategyBehavior defines customized behavior for rolling updates. + It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + MaxUnavailable defines the maximum number of pods that can be unavailable during the update. + It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). + For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures persistent volume for VLStorage + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + status: + description: VLClusterStatus defines the observed state of VLCluster + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlogs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLogs + listKind: VLogsList + plural: vlogs + singular: vlogs + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of logs instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VLogs is fast, cost-effective and scalable logs database. + VLogs is the Schema for the vlogs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VLogsSpec defines the desired state of VLogs + VLogs is deprecated, migrate to the VLSingle + required: + - retentionPeriod + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VLogsStatus defines the observed state of VLogs + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLSingle + listKind: VLSingleList + plural: vlsingles + singular: vlsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of logs instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: |- + VLSingle is fast, cost-effective and scalable logs database. + VLSingle is the Schema for the API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLSingleSpec defines the desired state of VLSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored logs + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VLSingle to be configured with. + enum: + - default + - json + type: string + logIngestedRows: + description: Whether to log all the ingested log entries; this can + be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ + type: boolean + logLevel: + description: LogLevel for VictoriaLogs to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: LogNewStreams Whether to log creation of new streams; + this can be useful for debugging of high cardinality issues with + log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields + type: boolean + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VLSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored logs + VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored logs + https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VLSingle + by default it`s empty dir + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-logs binary --storageDataPath, + its users responsibility to mount proper device into given path. + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vlsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + syslogSpec: + description: SyslogSpec defines syslog listener configuration + properties: + tcpListeners: + description: TCPListeners defines syslog server TCP listener configuration + items: + description: SyslogTCPListener defines configuration for TCP + syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + tlsConfig: + description: TLSServerConfig defines VictoriaMetrics TLS + configuration for the application's server + properties: + certFile: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecret + type: string + certSecret: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + keyFile: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + keySecret: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - listenPort + type: object + type: array + udpListeners: + description: UDPListeners defines syslog server UDP listener configuration + items: + description: SyslogUDPListener defines configuration for UDP + syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + required: + - listenPort + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VLSingleStatus defines the observed state of VLSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmagents.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAgent + listKind: VMAgentList + plural: vmagents + singular: vmagent + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: current number of replicas + jsonPath: .status.replicas + name: Replica Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMAgent - is a tiny but brave agent, which helps you collect metrics from various sources and stores them in VictoriaMetrics + or any other Prometheus-compatible storage system that supports the remote_write protocol. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAgentSpec defines the desired state of VMAgent + properties: + aPIServerConfig: + description: |- + APIServerConfig allows specifying a host and auth methods to access apiserver. + If left empty, VMAgent is assumed to run inside of the cluster + and will discover API servers automatically and use the pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + aPIServerConfig is deprecated use apiServerConfig instead + required: + - host + type: object + x-kubernetes-preserve-unknown-fields: true + additionalScrapeConfigs: + description: |- + AdditionalScrapeConfigs As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of VMAgent. It is advised to review VMAgent release + notes to ensure that no incompatible scrape configs are going to break + VMAgent after the upgrade. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + apiServerConfig: + description: |- + APIServerConfig allows specifying a host and auth methods to access apiserver. + If left empty, VMAgent is assumed to run inside of the cluster + and will discover API servers automatically and use the pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + properties: + authorization: + description: Authorization configures generic authorization params + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. + type: string + host: + description: |- + Host of apiserver. + A valid string consisting of a hostname or IP followed by an optional port number + type: string + tlsConfig: + description: TLSConfig Config to use for accessing apiserver. + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - host + type: object + arbitraryFSAccessThroughSMs: + description: |- + ArbitraryFSAccessThroughSMs configures whether configuration + based on EndpointAuth can access arbitrary files on the file system + of the VMAgent container e.g. bearer token files, basic auth, tls certs + properties: + deny: + type: boolean + type: object + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for VMAgent in StatefulMode + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + daemonSetMode: + description: |- + DaemonSetMode enables DaemonSet deployment mode instead of Deployment. + Supports only VMPodScrape + (available from v0.55.0). + Cannot be used with statefulMode + type: boolean + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enableKubernetesAPISelectors: + description: |- + EnableKubernetesAPISelectors instructs vmagent to use CRD scrape objects spec.selectors for + Kubernetes API list and watch requests. + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#list-and-watch-filtering + It could be useful to reduce Kubernetes API server resource usage for serving less than 100 CRD scrape objects in total. + type: boolean + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + and metric that is user created. The label value will always be the namespace of the object that is + being created. + type: string + externalLabels: + additionalProperties: + type: string + description: |- + ExternalLabels The labels to add to any time series scraped by vmagent. + it doesn't affect metrics ingested directly by push API's + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + globalScrapeMetricRelabelConfigs: + description: GlobalScrapeMetricRelabelConfigs is a global metric relabel + configuration, which is applied to each scrape job. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + globalScrapeRelabelConfigs: + description: GlobalScrapeRelabelConfigs is a global relabel configuration, + which is applied to each samples of each scrape job during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + ignoreNamespaceSelectors: + description: |- + IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from + scrape objects, and they will only discover endpoints + within their current namespace. Defaults to false. + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingestOnlyMode: + description: |- + IngestOnlyMode switches vmagent into unmanaged mode + it disables any config generation for scraping + Currently it prevents vmagent from managing tls and auth options for remote write + type: boolean + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + inlineRelabelConfig: + description: InlineRelabelConfig - defines GlobalRelabelConfig for + vmagent, can be defined directly at CRD. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + inlineScrapeConfig: + description: |- + InlineScrapeConfig As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of VMAgent. It is advised to review VMAgent release + notes to ensure that no incompatible scrape configs are going to break + VMAgent after the upgrade. + it should be defined as single yaml file. + inlineScrapeConfig: | + - job_name: "prometheus" + static_configs: + - targets: ["localhost:9090"] + type: string + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAgent to be configured with. + enum: + - default + - json + type: string + logLevel: + description: |- + LogLevel for VMAgent to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + maxScrapeInterval: + description: |- + MaxScrapeInterval allows limiting maximum scrape interval for VMServiceScrape, VMPodScrape and other scrapes + If interval is higher than defined limit, `maxScrapeInterval` will be used. + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + minScrapeInterval: + description: |- + MinScrapeInterval allows limiting minimal scrape interval for VMServiceScrape, VMPodScrape and other scrapes + If interval is lower than defined limit, `minScrapeInterval` will be used. + type: string + nodeScrapeNamespaceSelector: + description: |- + NodeScrapeNamespaceSelector defines Namespaces to be selected for VMNodeScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nodeScrapeRelabelTemplate: + description: |- + NodeScrapeRelabelTemplate defines relabel config, that will be added to each VMNodeScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + nodeScrapeSelector: + description: |- + NodeScrapeSelector defines VMNodeScrape to be selected for scraping. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + overrideHonorLabels: + description: |- + OverrideHonorLabels if set to true overrides all user configured honor_labels. + If HonorLabels is set in scrape objects to true, this overrides honor_labels to false. + type: boolean + overrideHonorTimestamps: + description: OverrideHonorTimestamps allows to globally enforce honoring + timestamps in all scrape configs. + type: boolean + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vmagent pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + podScrapeNamespaceSelector: + description: |- + PodScrapeNamespaceSelector defines Namespaces to be selected for VMPodScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + podScrapeRelabelTemplate: + description: |- + PodScrapeRelabelTemplate defines relabel config, that will be added to each VMPodScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + podScrapeSelector: + description: |- + PodScrapeSelector defines PodScrapes to be selected for target discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + probeNamespaceSelector: + description: |- + ProbeNamespaceSelector defines Namespaces to be selected for VMProbe discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + probeScrapeRelabelTemplate: + description: |- + ProbeScrapeRelabelTemplate defines relabel config, that will be added to each VMProbeScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + probeSelector: + description: |- + ProbeSelector defines VMProbe to be selected for target probing. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + relabelConfig: + description: |- + RelabelConfig ConfigMap with global relabel config -remoteWrite.relabelConfig + This relabeling is applied to all the collected metrics before sending them to remote storage. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + remoteWrite: + description: |- + RemoteWrite list of victoria metrics /some other remote write system + for vm it must looks like: http://victoria-metrics-single:8428/api/v1/write + or for cluster different url + https://docs.victoriametrics.com/victoriametrics/vmagent/#splitting-data-streams-among-multiple-systems + items: + description: VMAgentRemoteWriteSpec defines the remote storage configuration + for VmAgent + properties: + aws: + description: AWS describes params specific to AWS cloud + properties: + ec2Endpoint: + description: EC2Endpoint is an optional AWS EC2 API endpoint + to use for the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 + is set + type: string + region: + description: Region is an optional AWS region to use for + the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 + is set + type: string + roleARN: + description: RoleARN is an optional AWS region to use for + the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 + is set + type: string + service: + description: Service is an optional AWS Service to use for + the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 + is set + type: string + stsEndpoint: + description: STSEndpoint is an optional AWS STS API endpoint + to use for the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 + is set + type: string + useSigv4: + description: UseSigv4 enables SigV4 request signing for + the corresponding -remoteWrite.url + type: boolean + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + forceVMProto: + description: ForceVMProto forces using VictoriaMetrics protocol + for sending data to -remoteWrite.url + type: boolean + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + inlineUrlRelabelConfig: + description: InlineUrlRelabelConfig defines relabeling config + for remoteWriteURL, it can be defined at crd spec. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + maxDiskUsage: + description: |- + MaxDiskUsage defines the maximum file-based buffer size in bytes for the given remoteWrite + It overrides global configuration defined at remoteWriteSettings.maxDiskUsagePerURL + x-kubernetes-preserve-unknown-fields: true + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: 'ProxyURL for -remoteWrite.url. Supported proxies: + http, https, socks5. Example: socks5://proxy:1234' + type: string + sendTimeout: + description: Timeout for sending a single block of data to -remoteWrite.url + (default 1m0s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + streamAggrConfig: + description: StreamAggrConfig defines stream aggregation configuration + for VMAgent for -remoteWrite.url + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the + aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator + before stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first + interval + type: integer + ignoreFirstSampleInterval: + description: IgnoreFirstSampleInterval sets interval for + total and prometheus_total during which first samples + will be ignored + type: string + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream + aggregation config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval + for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data + in separate windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore + samples with old timestamps outside the current + aggregation interval. + type: boolean + ignoreFirstSampleInterval: + description: IgnoreFirstSampleInterval sets interval + for total and prometheus_total during which first + samples will be ignored + type: string + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match + for `action: graphite`' + type: object + match: + description: 'Match is used together with Labels + for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric + names as is for the output time series without adding + any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match + for `action: graphite`' + type: object + match: + description: 'Match is used together with Labels + for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + tlsConfig: + description: TLSConfig describes tls configuration for remote + write target + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL of the endpoint to send samples to. + type: string + urlRelabelConfig: + description: ConfigMap with relabeling config which is applied + to metrics before sending them to the corresponding -remoteWrite.url + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - url + type: object + type: array + remoteWriteSettings: + description: RemoteWriteSettings defines global settings for all remoteWrite + urls. + properties: + flushInterval: + description: Interval for flushing the data to remote storage. + (default 1s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + label: + additionalProperties: + type: string + description: Labels in the form 'name=value' to add to all the + metrics before sending them. This overrides the label if it + already exists. + type: object + maxBlockSize: + description: The maximum size in bytes of unpacked request to + send to remote storage + format: int32 + type: integer + maxDiskUsagePerURL: + description: The maximum file-based buffer size in bytes at -remoteWrite.tmpDataPath + x-kubernetes-preserve-unknown-fields: true + queues: + description: The number of concurrent queues + format: int32 + type: integer + showURL: + description: Whether to show -remoteWrite.url in the exported + metrics. It is hidden by default, since it can contain sensitive + auth info + type: boolean + tmpDataPath: + description: Path to directory where temporary data for remote + write component is stored (default vmagent-remotewrite-data) + type: string + useMultiTenantMode: + description: |- + Configures vmagent accepting data via the same multitenant endpoints as vminsert at VictoriaMetrics cluster does, + see [here](https://docs.victoriametrics.com/victoriametrics/vmagent/#multitenancy). + it's global setting and affects all remote storage configurations + type: boolean + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + scrapeConfigNamespaceSelector: + description: |- + ScrapeConfigNamespaceSelector defines Namespaces to be selected for VMScrapeConfig discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + scrapeConfigRelabelTemplate: + description: |- + ScrapeConfigRelabelTemplate defines relabel config, that will be added to each VMScrapeConfig. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + scrapeConfigSelector: + description: |- + ScrapeConfigSelector defines VMScrapeConfig to be selected for target discovery. + Works in combination with NamespaceSelector. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + scrapeInterval: + description: ScrapeInterval defines how often scrape targets by default + pattern: '[0-9]+(ms|s|m|h)' + type: string + scrapeTimeout: + description: ScrapeTimeout defines global timeout for targets scrape + pattern: '[0-9]+(ms|s|m|h)' + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such ServiceScrapeSelector. + with selectAllByDefault: true and empty serviceScrapeSelector and ServiceScrapeNamespaceSelector + Operator selects all exist serviceScrapes + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeNamespaceSelector: + description: |- + ServiceScrapeNamespaceSelector Namespaces to be selected for VMServiceScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + serviceScrapeRelabelTemplate: + description: |- + ServiceScrapeRelabelTemplate defines relabel config, that will be added to each VMServiceScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + serviceScrapeSelector: + description: |- + ServiceScrapeSelector defines ServiceScrapes to be selected for target discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmagent VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmagent service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + shardCount: + description: |- + ShardCount - numbers of shards of VMAgent + in this case operator will use 1 deployment/sts per shard with + replicas count according to spec.replicas, + see [here](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-big-number-of-targets) + type: integer + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + statefulMode: + description: |- + StatefulMode enables StatefulSet for `VMAgent` instead of Deployment + it allows using persistent storage for vmagent's persistentQueue + type: boolean + statefulRollingUpdateStrategy: + description: |- + StatefulRollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + statefulStorage: + description: StatefulStorage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + staticScrapeNamespaceSelector: + description: |- + StaticScrapeNamespaceSelector defines Namespaces to be selected for VMStaticScrape discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + staticScrapeRelabelTemplate: + description: |- + StaticScrapeRelabelTemplate defines relabel config, that will be added to each VMStaticScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + staticScrapeSelector: + description: |- + StaticScrapeSelector defines VMStaticScrape to be selected for target discovery. + Works in combination with NamespaceSelector. + If both nil - match everything. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + streamAggrConfig: + description: StreamAggrConfig defines global stream aggregation configuration + for VMAgent + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator before + stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first interval + type: integer + ignoreFirstSampleInterval: + description: IgnoreFirstSampleInterval sets interval for total + and prometheus_total during which first samples will be ignored + type: string + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples with + old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream aggregation + config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data in separate + windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + ignoreFirstSampleInterval: + description: IgnoreFirstSampleInterval sets interval for + total and prometheus_total during which first samples + will be ignored + type: string + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric names + as is for the output time series without adding any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: |- + UpdateStrategy - overrides default update strategy. + works only for deployments, statefulset always use OnDelete. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + vmAgentExternalLabelName: + description: |- + VMAgentExternalLabelName Name of vmAgent external label used to denote vmAgent instance + name. Defaults to the value of `prometheus`. External label will + _not_ be added when value is set to empty string (`""`). + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - remoteWrite + type: object + status: + description: VMAgentStatus defines the observed state of VMAgent + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + replicas: + description: ReplicaCount Total number of pods targeted by this VMAgent + format: int32 + type: integer + selector: + description: Selector string form of label value set for autoscaling + type: string + shards: + description: Shards represents total number of vmagent deployments + with uniq scrape targets + format: int32 + type: integer + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalertmanagerconfigs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlertmanagerConfig + listKind: VMAlertmanagerConfigList + plural: vmalertmanagerconfigs + singular: vmalertmanagerconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanagerConfig is the Schema for the vmalertmanagerconfigs + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VMAlertmanagerConfigSpec defines configuration for VMAlertmanagerConfig + it must reference only locally defined objects + properties: + inhibit_rules: + description: |- + InhibitRules will only apply for alerts matching + the resource's namespace. + items: + description: |- + InhibitRule defines an inhibition rule that allows to mute alerts when other + alerts are already firing. + Note, it doesn't support deprecated alertmanager config options. + See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + properties: + equal: + description: |- + Labels that must have an equal value in the source and target alert for + the inhibition to take effect. + items: + type: string + type: array + source_matchers: + description: |- + SourceMatchers defines a list of matchers for which one or more alerts have + to exist for the inhibition to take effect. + items: + type: string + type: array + target_matchers: + description: |- + TargetMatchers defines a list of matchers that have to be fulfilled by the target + alerts to be muted. + items: + type: string + type: array + type: object + type: array + receivers: + description: Receivers defines alert receivers + items: + description: Receiver defines one or more notification integrations. + properties: + discord_configs: + items: + properties: + avatar_url: + description: |- + AvatarURL defines message avatar URL + Available from operator v0.55.0 and alertmanager v0.28.0 + type: string + content: + description: |- + Content defines message content template + Available from operator v0.55.0 and alertmanager v0.28.0 + maxLength: 2000 + type: string + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message body template + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + title: + description: The message title template + type: string + username: + description: |- + Username defines message username + Available from operator v0.55.0 and alertmanager v0.28.0 + type: string + webhook_url: + description: |- + The discord webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + email_configs: + description: EmailConfigs defines email notification configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + auth_identity: + description: The identity to use for authentication. + type: string + auth_password: + description: AuthPassword defines secret name and key + at CRD namespace. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + auth_secret: + description: |- + AuthSecret defines secret name and key at CRD namespace. + It must contain the CRAM-MD5 secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + auth_username: + description: The username to use for authentication. + type: string + from: + description: |- + The sender address. + fallback to global setting if empty + type: string + headers: + additionalProperties: + type: string + description: |- + Further headers email header key/value pairs. Overrides any headers + previously set by the notification implementation. + type: object + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + require_tls: + description: |- + The SMTP TLS requirement. + Note that Go does not support unencrypted connections to remote SMTP endpoints. + type: boolean + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + smarthost: + description: |- + The SMTP host through which emails are sent. + fallback to global setting if empty + type: string + text: + description: The text body of the email notification. + type: string + tls_config: + description: TLS configuration + properties: + ca: + description: Struct containing the CA cert to use + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + jira_configs: + items: + description: |- + JiraConfig represent alertmanager's jira_config entry + https://prometheus.io/docs/alerting/latest/configuration/#jira_config + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + api_url: + description: |- + The URL to send API requests to. The full API path must be included. + Example: https://company.atlassian.net/rest/api/2/ + type: string + custom_fields: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: |- + Other issue and custom fields. + Jira issue field can have multiple types. + Depends on the field type, the values must be provided differently. + See https://developer.atlassian.com/server/jira/platform/jira-rest-api-examples/#setting-custom-field-data-for-other-field-types for further examples. + type: object + description: + description: Issue description template. + type: string + http_config: + description: |- + The HTTP client's configuration. You must use this configuration to supply the personal access token (PAT) as part of the HTTP `Authorization` header. + For Jira Cloud, use basic_auth with the email address as the username and the PAT as the password. + For Jira Data Center, use the 'authorization' field with 'credentials: '. + x-kubernetes-preserve-unknown-fields: true + issue_type: + description: Type of the issue (e.g. Bug) + type: string + labels: + description: Labels to be added to the issue + items: + type: string + type: array + priority: + description: Priority of the issue + type: string + project: + description: The project key where issues are created + type: string + reopen_duration: + description: |- + If reopen_transition is defined, reopen the issue when it is not older than this value (rounded down to the nearest minute). + The resolutiondate field is used to determine the age of the issue. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + reopen_transition: + description: |- + Name of the workflow transition to resolve an issue. + The target status must have the category "done". + type: string + resolve_transition: + description: |- + Name of the workflow transition to reopen an issue. + The target status should not have the category "done". + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + summary: + description: Issue summary template + type: string + wont_fix_resolution: + description: If reopen_transition is defined, ignore issues + with that resolution. + type: string + required: + - issue_type + - project + type: object + type: array + msteams_configs: + items: + properties: + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + text: + description: The text body of the teams notification. + type: string + title: + description: The title of the teams notification. + type: string + webhook_url: + description: |- + The incoming webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + msteamsv2_configs: + items: + description: |- + MSTeamsV2Config sends notifications using the new message format with adaptive cards as required by flows. + https://support.microsoft.com/en-gb/office/create-incoming-webhooks-with-workflows-for-microsoft-teams-8ae491c7-0394-4861-ba59-055e33f75498 + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + http_config: + x-kubernetes-preserve-unknown-fields: true + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + text: + description: Message body template. + type: string + title: + description: Message title template. + type: string + webhook_url: + description: |- + The incoming webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `webhook_url` or `webhook_url_secret` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenie_configs: + description: OpsGenieConfigs defines ops genie notification + configurations. + items: + description: |- + OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + actions: + description: Comma separated list of actions that will + be available for the alert. + type: string + api_key: + description: |- + The secret's key that contains the OpsGenie API key. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + additionalProperties: + type: string + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + type: object + entity: + description: Optional field that can be used to specify + which domain alert is related to. + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: |- + OpsGenieConfigResponder defines a responder to an incident. + One of `id`, `name` or `username` has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. + type: string + update_alerts: + description: |- + Whether to update message and description of the alert in OpsGenie if it already exists + By default, the alert is never updated in OpsGenie, the new message only appears in activity log. + type: boolean + type: object + type: array + pagerduty_configs: + description: PagerDutyConfigs defines pager duty notification + configurations. + items: + description: |- + PagerDutyConfig configures notifications via PagerDuty. + See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + properties: + class: + description: The class/type of the event. + type: string + client: + description: Client identification. + type: string + client_url: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. + type: string + description: + description: Description of the incident. + type: string + details: + additionalProperties: + type: string + description: Arbitrary key/value pairs that provide further + detail about the incident. + type: object + group: + description: A cluster or grouping of sources. + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + images: + description: Images to attach to the incident. + items: + description: |- + ImageConfig is used to attach images to the incident. + See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-images-property + for more information. + properties: + alt: + type: string + href: + type: string + source: + type: string + required: + - source + type: object + type: array + links: + description: Links to attach to the incident. + items: + description: |- + LinkConfig is used to attach text links to the incident. + See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-links-property + for more information. + properties: + href: + type: string + text: + type: string + required: + - href + type: object + type: array + routing_key: + description: |- + The secret's key that contains the PagerDuty integration key (when using + Events API v2). Either this field or `serviceKey` needs to be defined. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + service_key: + description: |- + The secret's key that contains the PagerDuty service key (when using + integration type "Prometheus"). Either this field or `routingKey` needs to + be defined. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + severity: + description: Severity of the incident. + type: string + url: + description: The URL to send requests to. + type: string + type: object + type: array + pushover_configs: + description: PushoverConfigs defines push over notification + configurations. + items: + description: |- + PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config + properties: + expire: + description: |- + How long your notification will continue to be retried for, unless the user + acknowledges the notification. + type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: |- + How often the Pushover servers will send the same notification to the user. + Must be at least 30 seconds. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: |- + The secret's key that contains the registered application’s API token, see https://pushover.net/apps. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + description: A supplementary URL shown alongside the message. + type: string + url_title: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + user_key: + description: |- + The secret's key that contains the recipient user’s user key. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + rocketchat_configs: + items: + description: |- + RocketchatConfig configures notifications via Rocketchat. + https://prometheus.io/docs/alerting/latest/configuration/#rocketchat_config + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + actions: + items: + description: |- + RocketchatAttachmentAction defines message attachments + https://github.com/RocketChat/Rocket.Chat.Go.SDK/blob/master/models/message.go + properties: + msg: + type: string + text: + type: string + type: + type: string + url: + type: string + type: object + type: array + api_url: + type: string + channel: + description: 'RocketChat channel override, (like #other-channel + or @username).' + type: string + color: + type: string + emoji: + type: string + fields: + items: + description: |- + RocketchatAttachmentField defines API fields + https://developer.rocket.chat/reference/api/rest-api/endpoints/messaging/chat-endpoints/postmessage#attachment-field-objects + properties: + short: + type: boolean + title: + type: string + value: + type: string + type: object + type: array + http_config: + x-kubernetes-preserve-unknown-fields: true + icon_url: + type: string + image_url: + type: string + link_names: + type: boolean + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + short_fields: + type: boolean + text: + type: string + thumb_url: + type: string + title: + type: string + title_link: + type: string + token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + token_id: + description: |- + The sender token and token_id + See https://docs.rocket.chat/use-rocket.chat/user-guides/user-panel/my-account#personal-access-tokens + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + slack_configs: + description: SlackConfigs defines slack notification configurations. + items: + description: |- + SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: |- + SlackAction configures a single Slack action that is sent with each + notification. + See https://api.slack.com/docs/message-attachments#action_fields and + https://api.slack.com/docs/message-buttons for more information. + properties: + confirm: + description: |- + SlackConfirmationField protect users from destructive actions or + particularly distinguished decisions by asking them to confirm their button + click one more time. + See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. + properties: + dismiss_text: + type: string + ok_text: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + api_url: + description: |- + The secret's key that contains the Slack webhook URL. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + callback_id: + type: string + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: + type: string + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: |- + SlackField configures a single Slack field that is sent with each notification. + See https://api.slack.com/docs/message-attachments#fields for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + icon_emoji: + type: string + icon_url: + type: string + image_url: + type: string + link_names: + type: boolean + mrkdwn_in: + items: + type: string + type: array + pretext: + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + short_fields: + type: boolean + text: + type: string + thumb_url: + type: string + title: + type: string + title_link: + type: string + username: + type: string + type: object + type: array + sns_configs: + items: + properties: + api_url: + description: The api URL + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes + type: object + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message content of the SNS notification. + type: string + phone_number: + description: |- + Phone number if message is delivered via SMS + Specify this, topic_arn or target_arn + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + sigv4: + description: Configure the AWS Signature Verification + 4 signing process + properties: + access_key: + description: |- + The AWS API keys. Both access_key and secret_key must be supplied or both must be blank. + If blank the environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are used. + type: string + access_key_selector: + description: secret key selector to get the keys from + a Kubernetes Secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Named AWS profile used to authenticate + type: string + region: + description: AWS region, if blank the region from + the default credentials chain is used + type: string + role_arn: + description: AWS Role ARN, an alternative to using + AWS API keys + type: string + secret_key_selector: + description: secret key selector to get the keys from + a Kubernetes Secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + subject: + description: The subject line if message is delivered + to an email endpoint. + type: string + target_arn: + description: |- + Mobile platform endpoint ARN if message is delivered via mobile notifications + Specify this, topic_arn or phone_number + type: string + topic_arn: + description: SNS topic ARN, either specify this, phone_number + or target_arn + type: string + type: object + type: array + telegram_configs: + items: + description: |- + TelegramConfig configures notification via telegram + https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + properties: + api_url: + description: APIUrl the Telegram API URL i.e. https://api.telegram.org. + type: string + bot_token: + description: |- + BotToken token for the bot + https://core.telegram.org/bots/api + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + chat_id: + description: ChatID is ID of the chat where to send the + messages. + type: integer + disable_notifications: + description: DisableNotifications + type: boolean + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Message is templated message + type: string + message_thread_id: + description: MessageThreadID defines ID of the message + thread where to send the messages. + type: integer + parse_mode: + description: |- + ParseMode for telegram message, + supported values are MarkdownV2, Markdown, Markdown and empty string for plain text. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + required: + - bot_token + - chat_id + type: object + type: array + victorops_configs: + description: VictorOpsConfigs defines victor ops notification + configurations. + items: + description: |- + VictorOpsConfig configures notifications via VictorOps. + See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + properties: + api_key: + description: |- + The secret's key that contains the API key to use when talking to the VictorOps API. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + api_url: + description: The VictorOps API URL. + type: string + custom_fields: + additionalProperties: + type: string + description: |- + Adds optional custom fields + https://github.com/prometheus/alertmanager/blob/v0.24.0/config/notifiers.go#L537 + type: object + entity_display_name: + description: Contains summary of the alerted problem. + type: string + http_config: + description: The HTTP client's configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message_type: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). + type: string + monitoring_tool: + description: The monitoring tool the state message is + from. + type: string + routing_key: + description: A key used to map the alert to a team. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + state_message: + description: Contains long explanation of the alerted + problem. + type: string + required: + - routing_key + type: object + type: array + webex_configs: + items: + properties: + api_url: + description: The Webex Teams API URL, i.e. https://webexapis.com/v1/messages + type: string + http_config: + description: HTTP client configuration. You must use this + configuration to supply the bot token as part of the + HTTP `Authorization` header. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message body template + type: string + room_id: + description: The ID of the Webex Teams room where to send + the messages + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + required: + - room_id + type: object + type: array + webhook_configs: + description: WebhookConfigs defines webhook notification configurations. + items: + description: |- + WebhookConfig configures notifications via a generic receiver supporting the webhook payload. + See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + properties: + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + max_alerts: + description: Maximum number of alerts to be sent per webhook + message. When 0, all alerts are included. + format: int32 + minimum: 0 + type: integer + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + timeout: + description: |- + Timeout is the maximum time allowed to invoke the webhook + available since v0.28.0 alertmanager version + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + url: + description: |- + URL to send requests to, + one of `urlSecret` and `url` must be defined. + type: string + url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + wechat_configs: + description: WeChatConfigs defines wechat notification configurations. + items: + description: |- + WeChatConfig configures notifications via WeChat. + See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config + properties: + agent_id: + type: string + api_secret: + description: |- + The secret's key that contains the WeChat API key. + The secret needs to be in the same namespace as the AlertmanagerConfig + fallback to global alertmanager setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + api_url: + description: |- + The WeChat API URL. + fallback to global alertmanager setting if empty + type: string + corp_id: + description: |- + The corp id for authentication. + fallback to global alertmanager setting if empty + type: string + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: API request data as defined by the WeChat + API. + type: string + message_type: + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + to_party: + type: string + to_tag: + type: string + to_user: + type: string + type: object + type: array + required: + - name + type: object + type: array + route: + description: Route definition for alertmanager, may include nested + routes. + properties: + active_time_intervals: + description: |- + ActiveTimeIntervals Times when the route should be active + These must match the name at time_intervals + items: + type: string + type: array + continue: + description: |- + Continue indicating whether an alert should continue matching subsequent + sibling nodes. It will always be true for the first-level route if disableRouteContinueEnforce for vmalertmanager not set. + type: boolean + group_by: + description: List of labels to group by. + items: + type: string + type: array + group_interval: + description: How long to wait before sending an updated notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + group_wait: + description: How long to wait before sending the initial notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + matchers: + description: |- + List of matchers that the alert’s labels should match. For the first + level route, the operator adds a namespace: "CRD_NS" matcher. + https://prometheus.io/docs/alerting/latest/configuration/#matcher + items: + type: string + type: array + mute_time_intervals: + description: MuteTimeIntervals is a list of interval names that + will mute matched alert + items: + type: string + type: array + receiver: + description: Name of the receiver for this route. + type: string + repeat_interval: + description: How long to wait before repeating the last notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + routes: + description: |- + Child routes. + https://prometheus.io/docs/alerting/latest/configuration/#route + items: + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - receiver + type: object + time_intervals: + description: |- + TimeIntervals defines named interval for active/mute notifications interval + See https://prometheus.io/docs/alerting/latest/configuration/#time_interval + items: + description: TimeIntervals for alerts + properties: + name: + description: Name of interval + type: string + time_intervals: + description: TimeIntervals interval configuration + items: + description: TimeInterval defines intervals of time + properties: + days_of_month: + description: |- + DayOfMonth defines list of numerical days in the month. Days begin at 1. Negative values are also accepted. + for example, ['1:5', '-3:-1'] + items: + type: string + type: array + location: + description: Location in golang time location form, e.g. + UTC + type: string + months: + description: |- + Months defines list of calendar months identified by a case-insensitive name (e.g. ‘January’) or numeric 1. + For example, ['1:3', 'may:august', 'december'] + items: + type: string + type: array + times: + description: Times defines time range for mute + items: + description: TimeRange ranges inclusive of the starting + time and exclusive of the end time + properties: + end_time: + description: EndTime for example HH:MM + type: string + start_time: + description: StartTime for example HH:MM + type: string + required: + - end_time + - start_time + type: object + type: array + weekdays: + description: Weekdays defines list of days of the week, + where the week begins on Sunday and ends on Saturday. + items: + type: string + type: array + years: + description: |- + Years defines numerical list of years, ranges are accepted. + For example, ['2020:2022', '2030'] + items: + type: string + type: array + type: object + type: array + required: + - name + - time_intervals + type: object + type: array + required: + - receivers + - route + type: object + status: + description: VMAlertmanagerConfigStatus defines the observed state of + VMAlertmanagerConfig + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + lastErrorParentAlertmanagerName: + type: string + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalertmanagers.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlertmanager + listKind: VMAlertmanagerList + plural: vmalertmanagers + shortNames: + - vma + singular: vmalertmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current update status + jsonPath: .status.updateStatus + name: Update Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanager represents Victoria-Metrics deployment for Alertmanager. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + Specification of the desired behavior of the VMAlertmanager cluster. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional + Alertmanagers to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + clusterAdvertiseAddress: + description: |- + ClusterAdvertiseAddress is the explicit address to advertise in cluster. + Needs to be provided for non RFC1918 [1] (public) addresses. + [1] RFC1918: https://tools.ietf.org/html/rfc1918 + type: string + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used to build pod peer addresses for in-cluster communication + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configNamespaceSelector: + description: |2- + ConfigNamespaceSelector defines namespace selector for VMAlertmanagerConfig. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAlertmanager namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + configRawYaml: + description: |- + ConfigRawYaml - raw configuration for alertmanager, + it helps it to start without secret. + priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. + type: string + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAlertmanager object, which contains configuration for this VMAlertmanager, + configuration must be inside secret key: alertmanager.yaml. + It must be created by user. + instance. Defaults to 'vmalertmanager-' + The secret is mounted into /etc/alertmanager/config. + type: string + configSelector: + description: |- + ConfigSelector defines selector for VMAlertmanagerConfig, result config will be merged with with Raw or Secret config. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAlertmanager namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableNamespaceMatcher: + description: |- + DisableNamespaceMatcher disables adding top route label matcher "namespace = " for VMAlertmanagerConfig + It may be useful if alert doesn't have namespace label for some reason + type: boolean + disableRouteContinueEnforce: + description: DisableRouteContinueEnforce cancel the behavior for VMAlertmanagerConfig + that always enforce first-level route continue to true + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel defines the namespace label key for top route matcher for VMAlertmanagerConfig + Default is "namespace" + type: string + enforcedTopRouteMatchers: + description: |- + EnforcedTopRouteMatchers defines label matchers to be added for the top route + of VMAlertmanagerConfig + It allows to make some set of labels required for alerts. + https://prometheus.io/docs/alerting/latest/configuration/#matcher + items: + type: string + type: array + externalURL: + description: |- + ExternalURL the VMAlertmanager instances will be available under. This is + necessary to generate correct URLs. This is necessary if VMAlertmanager is not + served from root of a DNS name. + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + gossipConfig: + description: GossipConfig defines gossip TLS configuration for Alertmanager + cluster + properties: + tls_client_config: + description: TLSClientConfig defines client TLS configuration + for alertmanager + properties: + ca_file: + description: |- + CAFile defines path to the pre-mounted file with CA + mutually exclusive with CASecretRef + type: string + ca_secret_ref: + description: |- + CA defines reference for secret with CA content under given key + mutually exclusive with CAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecure_skip_verify: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + type: boolean + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + server_name: + description: ServerName indicates a name of a server + type: string + type: object + tls_server_config: + description: TLSServerConfig defines server TLS configuration + for alertmanager + properties: + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cipher_suites: + description: |- + CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 + https://golang.org/pkg/crypto/tls/#pkg-constants + items: + type: string + type: array + client_auth_type: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + ClientAuthType defines server policy for client authentication + If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert + Note, mTLS is supported only at enterprise version of VictoriaMetrics components + enum: + - NoClientCert + - RequireAndVerifyClientCert + type: string + client_ca_file: + description: |- + ClientCAFile defines path to the pre-mounted file with CA + mutually exclusive with ClientCASecretRef + type: string + client_ca_secret_ref: + description: |- + ClientCASecretRef defines reference for secret with CA content under given key + mutually exclusive with ClientCAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + curve_preferences: + description: |- + CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. + https://golang.org/pkg/crypto/tls/#CurveID + items: + type: string + type: array + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + max_version: + description: MaxVersion maximum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + min_version: + description: MinVersion minimum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + prefer_server_cipher_suites: + description: |- + PreferServerCipherSuites controls whether the server selects the + client's most preferred ciphersuite + type: boolean + type: object + type: object + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + listenLocal: + description: |- + ListenLocal makes the VMAlertmanager server listen on loopback, so that it + does not bind against the Pod IP. Note this is only for the VMAlertmanager + UI, not the gossip communication. + type: boolean + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAlertmanager to be configured with. + enum: + - logfmt + - json + type: string + logLevel: + description: Log level for VMAlertmanager to be configured with. + enum: + - debug + - info + - warn + - error + - DEBUG + - INFO + - WARN + - ERROR + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the alertmanager pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + portName: + description: |- + PortName used for the pods and governing service. + This defaults to web + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retention: + description: |- + Retention Time duration VMAlertmanager shall retain data for. Default is '120h', + and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). + pattern: '[0-9]+(ms|s|m|h)' + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + routePrefix: + description: |- + RoutePrefix VMAlertmanager registers HTTP handlers for. This is useful, + if using ExternalURL and a proxy is rewriting HTTP routes of a request, + and the actual ExternalURL is still true, but the server serves requests + under a different route prefix. For example for use with `kubectl proxy`. + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such ConfigSelector. + with selectAllByDefault: true and undefined ConfigSelector and ConfigNamespaceSelector + Operator selects all exist alertManagerConfigs + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmalertmanager + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmalertmanager service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VMAlertmanager + instances. + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + templates: + description: |- + Templates is a list of ConfigMap key references for ConfigMaps in the same namespace as the VMAlertmanager + object, which shall be mounted into the VMAlertmanager Pods. + The Templates are mounted into /etc/vm/templates//. + items: + description: ConfigMapKeyReference refers to a key in a ConfigMap. + properties: + key: + description: The ConfigMap key to refer to. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + webConfig: + description: |- + WebConfig defines configuration for webserver + https://github.com/prometheus/alertmanager/blob/main/docs/https.md + properties: + basic_auth_users: + additionalProperties: + type: string + description: |- + BasicAuthUsers Usernames and hashed passwords that have full access to the web server + Passwords must be hashed with bcrypt + type: object + http_server_config: + description: HTTPServerConfig defines http server configuration + for alertmanager web server + properties: + headers: + additionalProperties: + type: string + description: Headers defines list of headers that can be added + to HTTP responses. + type: object + http2: + description: |- + HTTP2 enables HTTP/2 support. Note that HTTP/2 is only supported with TLS. + This can not be changed on the fly. + type: boolean + type: object + tls_server_config: + description: TLSServerConfig defines server TLS configuration + for alertmanager + properties: + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cipher_suites: + description: |- + CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 + https://golang.org/pkg/crypto/tls/#pkg-constants + items: + type: string + type: array + client_auth_type: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + ClientAuthType defines server policy for client authentication + If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert + Note, mTLS is supported only at enterprise version of VictoriaMetrics components + enum: + - NoClientCert + - RequireAndVerifyClientCert + type: string + client_ca_file: + description: |- + ClientCAFile defines path to the pre-mounted file with CA + mutually exclusive with ClientCASecretRef + type: string + client_ca_secret_ref: + description: |- + ClientCASecretRef defines reference for secret with CA content under given key + mutually exclusive with ClientCAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + curve_preferences: + description: |- + CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. + https://golang.org/pkg/crypto/tls/#CurveID + items: + type: string + type: array + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + max_version: + description: MaxVersion maximum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + min_version: + description: MinVersion minimum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + prefer_server_cipher_suites: + description: |- + PreferServerCipherSuites controls whether the server selects the + client's most preferred ciphersuite + type: boolean + type: object + type: object + type: object + status: + description: |- + Most recent observed status of the VMAlertmanager cluster. + Operator API itself. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalerts.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlert + listKind: VMAlertList + plural: vmalerts + singular: vmalert + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlert executes a list of given alerting or recording rules + against configured address. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAlertSpec defines the desired state of VMAlert + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + datasource: + description: Datasource Victoria Metrics or VMSelect url. Required + parameter. e.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: Victoria Metrics or VMSelect url. Required parameter. + E.g. http://127.0.0.1:8428 + type: string + required: + - url + type: object + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + and metric that is user created. The label value will always be the namespace of the object that is + being created. + type: string + evaluationInterval: + description: EvaluationInterval defines how often to evaluate rules + by default + pattern: '[0-9]+(ms|s|m|h)' + type: string + externalLabels: + additionalProperties: + type: string + description: 'ExternalLabels in the form ''name: value'' to add to + all generated recording rules and alerts.' + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMAlert to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMAlert to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + notifier: + description: |- + Notifier prometheus alertmanager endpoint spec. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 + If specified both notifier and notifiers, notifier will be added as last element to notifiers. + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + selector: + description: |- + Selector allows service discovery for alertmanager + in this case all matched vmalertmanager replicas will be added into vmalert notifier.url + as statefulset pod.fqdn + properties: + labelSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: |- + NamespaceSelector is a selector for selecting either all namespaces or a + list of namespaces. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: AlertManager url. E.g. http://127.0.0.1:9093 + type: string + type: object + notifierConfigRef: + description: |- + NotifierConfigRef reference for secret with notifier configuration for vmalert + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + notifiers: + description: |- + Notifiers prometheus alertmanager endpoints. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 + If specified both notifier and notifiers, notifier will be added as last element to notifiers. + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + items: + description: VMAlertNotifierSpec defines the notifier url for sending + information about alerts + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + selector: + description: |- + Selector allows service discovery for alertmanager + in this case all matched vmalertmanager replicas will be added into vmalert notifier.url + as statefulset pod.fqdn + properties: + labelSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: |- + NamespaceSelector is a selector for selecting either all namespaces or a + list of namespaces. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: AlertManager url. E.g. http://127.0.0.1:9093 + type: string + type: object + type: array + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMAlert pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + remoteRead: + description: |- + RemoteRead Optional URL to read vmalert state (persisted via RemoteWrite) + This configuration only makes sense if alerts state has been successfully + persisted (via RemoteWrite) before. + see -remoteRead.url docs in vmalerts for details. + E.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + lookback: + description: |- + Lookback defines how far to look into past for alerts timeseries. For example, if lookback=1h then range from now() to now()-1h will be scanned. (default 1h0m0s) + Applied only to RemoteReadSpec + type: string + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + remoteWrite: + description: |- + RemoteWrite Optional URL to remote-write compatible storage to persist + vmalert state and rule results to. + Rule results will be persisted according to each rule. + Alerts state will be persisted in the form of time series named ALERTS and ALERTS_FOR_STATE + see -remoteWrite.url docs in vmalerts for details. + E.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + concurrency: + description: Defines number of readers that concurrently write + into remote storage (default 1) + format: int32 + type: integer + flushInterval: + description: Defines interval of flushes to remote write endpoint + (default 5s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + maxBatchSize: + description: Defines defines max number of timeseries to be flushed + at once (default 1000) + format: int32 + type: integer + maxQueueSize: + description: Defines the max number of pending datapoints to remote + write endpoint (default 100000) + format: int32 + type: integer + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + ruleNamespaceSelector: + description: |- + RuleNamespaceSelector to be selected for VMRules discovery. + Works in combination with Selector. + If both nil - behaviour controlled by selectAllByDefault + NamespaceSelector nil - only objects at VMAlert namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + rulePath: + description: |- + RulePath to the file with alert rules. + Supports patterns. Flag can be specified multiple times. + Examples: + -rule /path/to/file. Path to a single file with alerting rules + -rule dir/*.yaml -rule /*.yaml. Relative path to all .yaml files in folder, + absolute path to all .yaml files in root. + by default operator adds /etc/vmalert/configs/base/vmalert.yaml + items: + type: string + type: array + ruleSelector: + description: |- + RuleSelector selector to select which VMRules to mount for loading alerting + rules from. + Works in combination with NamespaceSelector. + If both nil - behaviour controlled by selectAllByDefault + NamespaceSelector nil - only objects at VMAlert namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such RuleSelector. + with selectAllByDefault: true and empty serviceScrapeSelector and RuleNamespaceSelector + Operator selects all exist serviceScrapes + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmalert VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmalert service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - datasource + type: object + status: + description: VMAlertStatus defines the observed state of VMAlert + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmanomalies.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAnomaly + listKind: VMAnomalyList + plural: vmanomalies + singular: vmanomaly + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VMAnomaly is the Schema for the vmanomalies API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAnomalySpec defines the desired state of VMAnomaly. + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for VMAnomaly + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configRawYaml: + description: |- + ConfigRawYaml - raw configuration for anomaly, + it helps it to start without secret. + priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. + type: string + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAnomaly object, which contains configuration for this VMAnomaly, + configuration must be inside secret key: anomaly.yaml. + It must be created by user. + instance. Defaults to 'vmanomaly-' + The secret is mounted into /etc/anomaly/config. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logLevel: + description: |- + LogLevel for VMAnomaly to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + monitoring: + description: |- + Monitoring configures how expose anomaly metrics + See https://docs.victoriametrics.com/anomaly-detection/components/monitoring/ + properties: + pull: + description: |- + VMAnomalyMonitoringPullSpec defines pull monitoring configuration + which is enabled by default and served at POD_IP:8490/metrics + properties: + addr: + description: Addr changes listen addr, default is 0.0.0.0 + type: string + port: + description: Port defines a port for metrics scrape + type: string + required: + - port + type: object + push: + description: |- + VMAnomalyMonitoringPushSpec defines metrics push configuration + + VMAnomaly uses prometheus text exposition format + properties: + basicAuth: + description: Basic auth defines basic authorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + extraLabels: + additionalProperties: + type: string + description: ExtraLabels defines a set of labels to attach + to the pushed metrics + type: object + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + pushFrequency: + description: PushFrequency defines push interval + type: string + tenantID: + description: TenantID defines for VictoriaMetrics Cluster + version only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for + the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: defines target url for push requests + type: string + required: + - url + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vmanomaly pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + reader: + description: |- + Metrics source for VMAnomaly + See https://docs.victoriametrics.com/anomaly-detection/components/reader/ + properties: + basicAuth: + description: Basic auth defines basic authorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + dataRange: + description: Optional argumentallows defining valid data ranges + for input of all the queries in queries + items: + type: string + type: array + datasourceURL: + description: |- + DatasourceURL address + datasource must serve /api/v1/query and /api/v1/query_range APIs + type: string + extraFilters: + description: List of strings with series selector. + items: + type: string + type: array + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + latencyOffset: + description: It allows overriding the default -search.latencyOffsetflag + of VictoriaMetrics + type: string + maxPointsPerQuery: + description: Optional argoverrides how search.maxPointsPerTimeseries + flagimpacts vmanomaly on splitting long fitWindow queries into + smaller sub-intervals + type: integer + queryFromLastSeenTimestamp: + description: If True, then query will be performed from the last + seen timestamp for a given series. + type: boolean + queryRangePath: + description: Performs PromQL/MetricsQL range query + type: string + samplingPeriod: + description: Frequency of the points returned + type: string + tenantID: + description: TenantID defines for VictoriaMetrics Cluster version + only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tz: + description: Optional argumentspecifies the IANA timezone to account + for local shifts, like DST, in models sensitive to seasonal + patterns + type: string + required: + - datasourceURL + - samplingPeriod + type: object + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmanomaly VMPodScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + shardCount: + description: |- + ShardCount - numbers of shards of VMAnomaly + in this case operator will use 1 sts per shard with + replicas count according to spec.replicas. + type: integer + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + writer: + description: |- + Metrics destination for VMAnomaly + See https://docs.victoriametrics.com/anomaly-detection/components/writer/ + properties: + basicAuth: + description: Basic auth defines basic authorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datasourceURL: + description: |- + DatasourceURL defines remote write url for write requests + provided endpoint must serve /api/v1/import path + vmanomaly joins datasourceURL + "/api/v1/import" + type: string + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + metricFormat: + description: Metrics to save the output (in metric names or labels) + properties: + __name__: + description: |- + Name of result metric + Must have a value with $VAR placeholder in it to distinguish between resulting metrics + type: string + extraLabels: + additionalProperties: + type: string + description: ExtraLabels defines additional labels to be added + to the resulting metrics + type: object + for: + description: For is a special label with $QUERY_KEY placeholder + type: string + required: + - __name__ + - for + type: object + tenantID: + description: TenantID defines for VictoriaMetrics Cluster version + only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - datasourceURL + type: object + required: + - reader + - writer + type: object + status: + description: VMAnomalyStatus defines the observed state of VMAnomaly. + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + shards: + description: Shards represents total number of vmanomaly statefulsets + with uniq scrape targets + format: int32 + type: integer + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmauths.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAuth + listKind: VMAuthList + plural: vmauths + singular: vmauth + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAuth is the Schema for the vmauths API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAuthSpec defines the desired state of VMAuth + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAuth object, which contains auth configuration for vmauth, + configuration must be inside secret key: config.yaml. + It must be created and managed manually. + If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders + Deprecated: use externalConfig.secretRef instead + type: string + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + externalConfig: + description: |- + ExternalConfig defines a source of external VMAuth configuration. + If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders + properties: + localPath: + description: |- + LocalPath contains static path to a config, which is managed externally for cases + when using secrets is not applicable, e.g.: Vault sidecar. + type: string + secretRef: + description: SecretRef defines selector for externally managed + secret which contains configuration + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingress: + description: Ingress enables ingress configuration for VMAuth. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + class_name: + description: ClassName defines ingress class name for VMAuth + type: string + extraRules: + description: |- + ExtraRules - additional rules for ingress, + must be checked for correctness by user. + items: + description: |- + IngressRule represents the rules mapping the paths under a specified host to + the related backend services. Incoming requests are first evaluated for a host + match, then routed to the backend associated with the matching IngressRuleValue. + properties: + host: + description: "host is the fully qualified domain name of + a network host, as defined by RFC 3986.\nNote the following + deviations from the \"host\" part of the\nURI as defined + in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue + can only apply to\n the IP in the Spec of the parent + Ingress.\n2. The `:` delimiter is not respected because + ports are not allowed.\n\t Currently the port of an Ingress + is implicitly :80 for http and\n\t :443 for https.\nBoth + these may change in the future.\nIncoming requests are + matched against the host before the\nIngressRuleValue. + If the host is unspecified, the Ingress routes all\ntraffic + based on the specified IngressRuleValue.\n\nhost can be + \"precise\" which is a domain name without the terminating + dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", + which is a domain name\nprefixed with a single wildcard + label (e.g. \"*.foo.com\").\nThe wildcard character '*' + must appear by itself as the first DNS label and\nmatches + only a single label. You cannot have a wildcard label + by itself (e.g. Host == \"*\").\nRequests will be matched + against the Host field in the following way:\n1. If host + is precise, the request matches this rule if the http + host header is equal to Host.\n2. If host is a wildcard, + then the request matches this rule if the http host header\nis + to equal to the suffix (removing the first label) of the + wildcard rule." + type: string + http: + description: |- + HTTPIngressRuleValue is a list of http selectors pointing to backends. + In the example: http:///? -> backend where + where parts of the url correspond to RFC 3986, this resource will be used + to match against everything after the last '/' and before the first '?' + or '#'. + properties: + paths: + description: paths is a collection of paths that map + requests to backends. + items: + description: |- + HTTPIngressPath associates a path with a backend. Incoming urls matching the + path are forwarded to the backend. + properties: + backend: + description: |- + backend defines the referenced service endpoint to which the traffic + will be forwarded to. + properties: + resource: + description: |- + resource is an ObjectRef to another Kubernetes resource in the namespace + of the Ingress object. If resource is specified, a service.Name and + service.Port must not be specified. + This is a mutually exclusive setting with "Service". + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: |- + service references a service as a backend. + This is a mutually exclusive setting with "Resource". + properties: + name: + description: |- + name is the referenced service. The service must exist in + the same namespace as the Ingress object. + type: string + port: + description: |- + port of the referenced service. A port name or port number + is required for a IngressServiceBackend. + properties: + name: + description: |- + name is the name of the port on the Service. + This is a mutually exclusive setting with "Number". + type: string + number: + description: |- + number is the numerical port number (e.g. 80) on the Service. + This is a mutually exclusive setting with "Name". + format: int32 + type: integer + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + type: object + path: + description: |- + path is matched against the path of an incoming request. Currently it can + contain characters disallowed from the conventional "path" part of a URL + as defined by RFC 3986. Paths must begin with a '/' and must be present + when using PathType with value "Exact" or "Prefix". + type: string + pathType: + description: |- + pathType determines the interpretation of the path matching. PathType can + be one of the following values: + * Exact: Matches the URL path exactly. + * Prefix: Matches based on a URL path prefix split by '/'. Matching is + done on a path element by element basis. A path element refers is the + list of labels in the path split by the '/' separator. A request is a + match for path p if every p is an element-wise prefix of p of the + request path. Note that if the last element of the path is a substring + of the last element in request path, it is not a match (e.g. /foo/bar + matches /foo/bar/baz, but does not match /foo/barbaz). + * ImplementationSpecific: Interpretation of the Path matching is up to + the IngressClass. Implementations can treat this as a separate PathType + or treat it identically to Prefix or Exact path types. + Implementations are required to support all path types. + type: string + required: + - backend + - pathType + type: object + type: array + x-kubernetes-list-type: atomic + required: + - paths + type: object + type: object + type: array + extraTls: + description: |- + ExtraTLS - additional TLS configuration for ingress + must be checked for correctness by user. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: |- + hosts is a list of hosts included in the TLS certificate. The values in + this list must match the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller fulfilling this + Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: |- + secretName is the name of the secret used to terminate TLS traffic on + port 443. Field is left optional to allow TLS routing based on SNI + hostname alone. If the SNI host in a listener conflicts with the "Host" + header field used by an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + host: + description: |- + Host defines ingress host parameter for default rule + It will be used, only if TlsHosts is empty + type: string + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + tlsHosts: + description: TlsHosts configures TLS access for ingress, tlsSecretName + must be defined for it. + items: + type: string + type: array + tlsSecretName: + description: |- + TlsSecretName defines secretname at the VMAuth namespace with cert and key + https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + type: string + type: object + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + internalListenPort: + description: |- + InternalListenPort instructs vmauth to serve internal routes at given port + available from v0.56.0 operator + and v1.111.0 vmauth version + related doc https://docs.victoriametrics.com/victoriametrics/vmauth/#security + type: string + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAuth to be configured with. + enum: + - default + - json + type: string + logLevel: + description: LogLevel for victoria metrics single to be configured + with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMAuth pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such userSelector. + with selectAllByDefault: true and empty userSelector and userNamespaceSelector + Operator selects all exist users + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmauth VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + unauthorizedAccessConfig: + description: |- + UnauthorizedAccessConfig configures access for un authorized users + + Deprecated: use unauthorizedUserAccessSpec instead + will be removed at v1.0 release + x-kubernetes-preserve-unknown-fields: true + unauthorizedUserAccessSpec: + description: UnauthorizedUserAccessSpec defines unauthorized_user + config section of vmauth config + properties: + default_url: + description: |- + DefaultURLs backend url for non-matching paths filter + usually used for default backend with error message + items: + type: string + type: array + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. + type: integer + dump_request_on_errors: + description: |- + DumpRequestOnErrors instructs vmauth to return detailed request params to the client + if routing rules don't allow to forward request to the backends. + Useful for debugging `src_hosts` and `src_headers` based routing rules + + available since v1.107.0 vmauth version + type: boolean + headers: + description: |- + Headers represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + ip_filters: + description: |- + IPFilters defines per target src ip filters + supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) + properties: + allow_list: + items: + type: string + type: array + deny_list: + items: + type: string + type: array + type: object + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + max_concurrent_requests: + description: |- + MaxConcurrentRequests defines max concurrent requests per user + 300 is default value for vmauth + type: integer + metric_labels: + additionalProperties: + type: string + description: MetricLabels - additional labels for metrics exported + by vmauth for given user. + type: object + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + e.g. [429,503] + items: + type: integer + type: array + tlsConfig: + description: TLSConfig defines tls configuration for the backend + connection + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url_map: + items: + description: |- + UnauthorizedAccessConfigURLMap defines element of url_map routing configuration + For UnauthorizedAccessConfig and VMAuthUnauthorizedUserAccessSpec.URLMap + properties: + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. + type: integer + headers: + description: |- + RequestHeaders represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + Can be defined per target or at VMUser.spec level + e.g. [429,503] + items: + type: integer + type: array + src_headers: + description: SrcHeaders is an optional list of headers, + which must match request headers. + items: + type: string + type: array + src_hosts: + description: SrcHosts is an optional list of regular expressions, + which must match the request hostname. + items: + type: string + type: array + src_paths: + description: SrcPaths is an optional list of regular expressions, + which must match the request path. + items: + type: string + type: array + src_query_args: + description: SrcQueryArgs is an optional list of query args, + which must match request URL query args. + items: + type: string + type: array + url_prefix: + description: |- + UrlPrefix contains backend url prefixes for the proxied request url. + URLPrefix defines prefix prefix for destination + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + url_prefix: + description: URLPrefix defines prefix prefix for destination + x-kubernetes-preserve-unknown-fields: true + type: object + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useProxyProtocol: + description: |- + UseProxyProtocol enables proxy protocol for vmauth + https://www.haproxy.org/download/2.3/doc/proxy-protocol.txt + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + userNamespaceSelector: + description: |- + UserNamespaceSelector Namespaces to be selected for VMAuth discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAuth namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + userSelector: + description: |- + UserSelector defines VMUser to be selected for config file generation. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAuth namespace. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VMAuthStatus defines the observed state of VMAuth + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMCluster + listKind: VMClusterList + plural: vmclusters + singular: vmcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VMInsert + jsonPath: .spec.vminsert.replicaCount + name: Insert Count + type: string + - description: replicas of VMStorage + jsonPath: .spec.vmstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VMSelect + jsonPath: .spec.vmselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMCluster is fast, cost-effective and scalable time-series database. + Cluster version with + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMClusterSpec defines the desired state of VMCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vminsert and vmselect to build vmstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + replicationFactor: + description: |- + ReplicationFactor defines how many copies of data make among + distinct storage nodes + format: int32 + type: integer + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vminsert and vmselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + See more [here](https://docs.victoriametrics.com/operator/resources/vmcluster/#requests-load-balancing) + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + retentionPeriod: + description: |- + RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). + Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. + The default value is 1 (one month). + See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VMSelect, VMStorage and VMInsert Pods. + type: string + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vminsert: + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + clusterNativeListenPort: + description: |- + ClusterNativePort for multi-level cluster setup. + More [details](https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#multi-level-cluster-setup) + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: HPA defines kubernetes PodAutoScaling configuration + version 2. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMInsert to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMInsert to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMInsert pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vminsert + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vminsert service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vmselect: + description: VMSelect defines configuration section for vmselect components + of the victoria-metrics cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + cacheMountPath: + description: |- + CacheMountPath allows to add cache persistent for VMSelect, + will use "/cache" as default if not specified. + type: string + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + type: array + clusterNativeListenPort: + description: |- + ClusterNativePort for multi-level cluster setup. + More [details](https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#multi-level-cluster-setup) + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: |- + Configures horizontal pod autoscaling. + Note, enabling this option disables vmselect to vmselect communication. In most cases it's not an issue. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolume: + description: |- + Storage - add persistent volume for cacheMountPath + its useful for persistent cache + use storage instead of persistentVolume. + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + rollingUpdateStrategyBehavior: + description: |- + RollingUpdateStrategyBehavior defines customized behavior for rolling updates. + It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + MaxUnavailable defines the maximum number of pods that can be unavailable during the update. + It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). + For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + StorageSpec - add persistent volume claim for cacheMountPath + its needed for persistent cache + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant + to an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller + with a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing + the volume but further resizing of\n\t\tvolume is + needed on the node.\n\t- NodeResizeInProgress:\n\t\tState + set when kubelet starts resizing the volume.\n\t- + NodeResizeFailed:\n\t\tState set when resizing has + failed in kubelet with a terminal error. Transient + errors don't set\n\t\tNodeResizeFailed.\nFor example: + if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress + for the given PVC.\n\nA controller that receives + PVC update with previously unknown resourceName + or ClaimResourceStatus\nshould ignore the update + for the purpose it was designed. For example - a + controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with + PVC.\n\nThis is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\nCapacity reported + here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor + storage quota, the larger value from allocatedResources + and PVC.spec.resources is used.\nIf allocatedResources + is not set, PVC.spec.resources alone is used for + quota calculation.\nIf a volume expansion capacity + request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress + and if the actual volume capacity\nis equal or lower + than the requested capacity.\n\nA controller that + receives PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. + For example - a controller that\nonly is responsible + for resizing capacity of the volume, should ignore + PVC updates that change other valid\nresources associated + with PVC.\n\nThis is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, + such as\n the specified VolumeAttributesClass + not existing.\n - InProgress\n InProgress + indicates that the volume is being modified.\n + - Infeasible\n Infeasible indicates that the + request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid + VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is + the name of the VolumeAttributesClass the PVC + currently being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of + PersistentVolumeClaim. + type: string + type: object + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vmstorage: + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMStorage to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + rollingUpdateStrategyBehavior: + description: |- + RollingUpdateStrategyBehavior defines customized behavior for rolling updates. + It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + MaxUnavailable defines the maximum number of pods that can be unavailable during the update. + It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). + For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmstorage + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be create additional service + for vmstorage + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage - add persistent volume for StorageDataPath + its useful for persistent cache + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vmBackup: + description: VMBackup configuration for backup + properties: + acceptEULA: + description: |- + AcceptEULA accepts enterprise feature usage, must be set to true. + otherwise backupmanager cannot be added to single/cluster version. + https://victoriametrics.com/legal/esa/ + Deprecated: use license.key or license.keyRef instead + type: boolean + concurrency: + description: Defines number of concurrent workers. Higher + concurrency may reduce backup duration (default 10) + format: int32 + type: integer + credentialsSecret: + description: |- + CredentialsSecret is secret in the same namespace for access to remote storage + The secret is mounted into /etc/vm/creds. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + customS3Endpoint: + description: Custom S3 endpoint for use with S3-compatible + storages (e.g. MinIO). S3 is used if not set + type: string + destination: + description: Defines destination for backup + type: string + destinationDisableSuffixAdd: + description: |- + DestinationDisableSuffixAdd - disables suffix adding for cluster version backups + each vmstorage backup must have unique backup folder + so operator adds POD_NAME as suffix for backup destination folder. + type: boolean + disableDaily: + description: Defines if daily backups disabled (default false) + type: boolean + disableHourly: + description: Defines if hourly backups disabled (default false) + type: boolean + disableMonthly: + description: Defines if monthly backups disabled (default + false) + type: boolean + disableWeekly: + description: Defines if weekly backups disabled (default false) + type: boolean + extraArgs: + additionalProperties: + type: string + description: extra args like maxBytesPerSecond default 0 + type: object + extraEnvs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image - docker image settings for VMBackuper + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + + it's repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + logFormat: + description: |- + LogFormat for VMBackup to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMBackup to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + port: + description: Port for health check connections + type: string + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restore: + description: |- + Restore Allows to enable restore options for pod + Read [more](https://docs.victoriametrics.com/victoriametrics/vmbackupmanager/#restore-commands) + properties: + onStart: + description: OnStart defines configuration for restore + on pod start + properties: + enabled: + description: Enabled defines if restore on start enabled + type: boolean + type: object + type: object + snapshotCreateURL: + description: SnapshotCreateURL overwrites url for snapshot + create + type: string + snapshotDeleteURL: + description: SnapShotDeleteURL overwrites url for snapshot + delete + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. + VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + vmInsertPort: + description: VMInsertPort for VMInsert connections + type: string + vmSelectPort: + description: VMSelectPort for VMSelect connections + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + status: + description: VMClusterStatus defines the observed state of VMCluster + properties: + clusterStatus: + description: LegacyStatus is deprecated and will be removed at v0.52.0 + version + type: string + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmnodescrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMNodeScrape + listKind: VMNodeScrapeList + plural: vmnodescrapes + singular: vmnodescrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMNodeScrape defines discovery for targets placed on kubernetes nodes, + usually its node-exporters and other host services. + InternalIP is used as __address__ for scraping. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMNodeScrapeSpec defines specification for VMNodeScrape. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + jobLabel: + description: The label to use to retrieve the job name from. + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Node. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + selector: + description: Selector to select kubernetes Nodes. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Node + onto the target. + items: + type: string + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmpodscrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMPodScrape + listKind: VMPodScrapeList + plural: vmpodscrapes + singular: vmpodscrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMPodScrape is scrape configuration for pods, + it generates vmagent's config for scraping pod targets + based on selectors. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMPodScrapeSpec defines the desired state of VMPodScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from service + discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of + a Kubernetes Pod serving metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filterRunning: + description: |- + FilterRunning applies filter with pod status == running + it prevents from scrapping metrics at failed or succeed state pods. + enabled by default + type: boolean + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Pod. + type: string + portNumber: + description: PortNumber defines the `Pod` port number which + exposes the endpoint. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: |- + TargetPort defines name or number of the pod port this endpoint refers to. + Mutually exclusive with Port and PortNumber. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Pod objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + required: + - podMetricsEndpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmprobes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMProbe + listKind: VMProbeList + plural: vmprobes + singular: vmprobe + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMProbe defines a probe for targets, that will be executed with prober, + like blackbox exporter. + It helps to monitor reachability of target with various checks. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMProbeSpec contains specification parameters for a Probe. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + jobName: + description: The job name assigned to scraped metrics by default. + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + module: + description: |- + The module to use for probing specifying how to probe the target. + Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml + type: string + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targets: + description: Targets defines a set of static and/or dynamically discovered + targets to be probed using the prober. + properties: + ingress: + description: Ingress defines the set of dynamically discovered + ingress objects which hosts are considered for probing. + properties: + namespaceSelector: + description: Select Ingress objects by namespace. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + relabelingConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Select Ingress objects by labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + staticConfig: + description: StaticConfig defines static targets which are considers + for probing. + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + relabelingConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + targets: + description: Targets is a list of URLs to probe using the + configured prober. + items: + type: string + type: array + required: + - targets + type: object + type: object + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + vmProberSpec: + description: |- + Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if left empty. + properties: + path: + description: |- + Path to collect metrics from. + Defaults to `/probe`. + type: string + scheme: + description: |- + HTTP scheme to use for scraping. + Defaults to `http`. + enum: + - http + - https + type: string + url: + description: Mandatory URL of the prober. + type: string + required: + - url + type: object + required: + - vmProberSpec + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmrules.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMRule + listKind: VMRuleList + plural: vmrules + singular: vmrule + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMRule defines rule records for vmalert application + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMRuleSpec defines the desired state of VMRule + properties: + groups: + description: Groups list of group rules + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + concurrency: + description: Concurrency defines how many rules execute at once. + type: integer + eval_alignment: + description: |- + Optional + The evaluation timestamp will be aligned with group's interval, + instead of using the actual timestamp that evaluation happens at. + It is enabled by default to get more predictable results + and to visually align with graphs plotted via Grafana or vmui. + type: boolean + eval_delay: + description: |- + Optional + Adjust the `time` parameter of group evaluation requests to compensate intentional query delay from the datasource. + type: string + eval_offset: + description: |- + Optional + Group will be evaluated at the exact offset in the range of [0...interval]. + type: string + extra_filter_labels: + additionalProperties: + type: string + description: |- + ExtraFilterLabels optional list of label filters applied to every rule's + request within a group. Is compatible only with VM datasource. + See more details [here](https://docs.victoriametrics.com/victoriametrics/#prometheus-querying-api-enhancements) + Deprecated: use params instead + type: object + headers: + description: |- + Headers contains optional HTTP headers added to each rule request + Must be in form `header-name: value` + For example: + headers: + - "CustomHeader: foo" + - "CustomHeader2: bar" + items: + type: string + type: array + interval: + description: evaluation interval for group + type: string + labels: + additionalProperties: + type: string + description: |- + Labels optional list of labels added to every rule within a group. + It has priority over the external labels. + Labels are commonly used for adding environment + or tenant-specific tag. + type: object + limit: + description: |- + Limit the number of alerts an alerting rule and series a recording + rule can produce + type: integer + name: + description: Name of group + type: string + notifier_headers: + description: |- + NotifierHeaders contains optional HTTP headers added to each alert request which will send to notifier + Must be in form `header-name: value` + For example: + headers: + - "CustomHeader: foo" + - "CustomHeader2: bar" + items: + type: string + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Params optional HTTP URL parameters added to each + rule request + type: object + rules: + description: Rules list of alert rules + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + description: Alert is a name for alert + type: string + annotations: + additionalProperties: + type: string + description: Annotations will be added to rule configuration + type: object + debug: + description: |- + Debug enables logging for rule + it useful for tracking + type: boolean + expr: + description: Expr is query, that will be evaluated at + dataSource + type: string + for: + description: |- + For evaluation interval in time.Duration format + 30s, 1m, 1h or nanoseconds + type: string + keep_firing_for: + description: |- + KeepFiringFor will make alert continue firing for this long + even when the alerting expression no longer has results. + Use time.Duration format, 30s, 1m, 1h or nanoseconds + type: string + labels: + additionalProperties: + type: string + description: Labels will be added to rule configuration + type: object + record: + description: Record represents a query, that will be recorded + to dataSource + type: string + update_entries_limit: + description: |- + UpdateEntriesLimit defines max number of rule's state updates stored in memory. + Overrides `-rule.updateEntriesLimit` in vmalert. + type: integer + type: object + type: array + tenant: + description: |- + Tenant id for group, can be used only with enterprise version of vmalert. + See more details [here](https://docs.victoriametrics.com/victoriametrics/vmalert/#multitenancy). + type: string + type: + description: |- + Type defines datasource type for enterprise version of vmalert + possible values - prometheus,graphite,vlogs + type: string + required: + - name + - rules + type: object + type: array + required: + - groups + type: object + status: + description: VMRuleStatus defines the observed state of VMRule + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmscrapeconfigs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMScrapeConfig + listKind: VMScrapeConfigList + plural: vmscrapeconfigs + singular: vmscrapeconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMScrapeConfig specifies a set of targets and parameters describing + how to scrape them. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMScrapeConfigSpec defines the desired state of VMScrapeConfig + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + azureSDConfigs: + description: AzureSDConfigs defines a list of Azure service discovery + configurations. + items: + description: |- + AzureSDConfig allow retrieving scrape targets from Azure VMs. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#azure_sd_configs) + properties: + authenticationMethod: + description: |- + # The authentication method, either OAuth or ManagedIdentity. + See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview + enum: + - OAuth + - ManagedIdentity + type: string + clientID: + description: Optional client ID. Only required with the OAuth + authentication method. + type: string + clientSecret: + description: Optional client secret. Only required with the + OAuth authentication method. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + environment: + description: The Azure environment. + type: string + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + resourceGroup: + description: Optional resource group name. Limits discovery + to this resource group. + type: string + subscriptionID: + description: The subscription ID. Always required. + minLength: 1 + type: string + tenantID: + description: Optional tenant ID. Only required with the OAuth + authentication method. + type: string + required: + - subscriptionID + type: object + type: array + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + consulSDConfigs: + description: ConsulSDConfigs defines a list of Consul service discovery + configurations. + items: + description: |- + ConsulSDConfig defines a Consul service discovery configuration. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#consul_sd_configs) + properties: + allowStale: + description: |- + Allow stale Consul results (see https://developer.hashicorp.com/consul/api-docs/features/consistency ). Will reduce load on Consul. + If unset, use its default value. + type: boolean + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datacenter: + description: Consul Datacenter name, if not provided it will + use the local Consul Agent Datacenter. + type: string + filter: + description: |- + Filter defines filter for /v1/catalog/services requests + See https://developer.hashicorp.com/consul/api-docs/features/filtering + type: string + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + If unset, use its default value. + type: boolean + namespace: + description: Namespaces are only supported in Consul Enterprise. + type: string + nodeMeta: + additionalProperties: + type: string + description: Node metadata key/value pairs to filter nodes for + a given service. + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + partition: + description: Admin Partitions are only supported in Consul Enterprise. + type: string + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP Scheme default "http" + enum: + - HTTP + - HTTPS + type: string + server: + description: A valid string consisting of a hostname or IP followed + by an optional port number. + minLength: 1 + type: string + services: + description: A list of services for which targets are retrieved. + If omitted, all services are scraped. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tagSeparator: + description: |- + The string by which Consul tags are joined into the tag label. + If unset, use its default value. + type: string + tags: + description: An optional list of tags used to filter nodes for + a given service. Services must contain all tags in the list. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: Consul ACL TokenRef, if not provided it will use + the ACL from the local Consul Agent. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - server + type: object + type: array + digitalOceanSDConfigs: + description: DigitalOceanSDConfigs defines a list of DigitalOcean + service discovery configurations. + items: + description: |- + DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean's Droplets API. + This service discovery uses the public IPv4 address by default, by that can be changed with relabeling. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#digitalocean_sd_configs) + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + port: + description: The port to scrape metrics from. + type: integer + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + type: array + dnsSDConfigs: + description: DNSSDConfigs defines a list of DNS service discovery + configurations. + items: + description: |- + DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. + The DNS servers to be contacted are read from /etc/resolv.conf. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#dns_sd_configs) + properties: + names: + description: A list of DNS domain names to be queried. + items: + type: string + minItems: 1 + type: array + port: + description: |- + The port number used if the query type is not SRV + Ignored for SRV records + type: integer + type: + enum: + - SRV + - A + - AAAA + - MX + type: string + required: + - names + type: object + type: array + ec2SDConfigs: + description: EC2SDConfigs defines a list of EC2 service discovery + configurations. + items: + description: |- + EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. + The private IP address is used by default, but may be changed to the public IP address with relabeling. + The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#ec2_sd_configs) + properties: + accessKey: + description: AccessKey is the AWS API key. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filters: + description: |- + Filters can be used optionally to filter the instance list by other criteria. + Available filter criteria can be found here: + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html + Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html + items: + description: EC2Filter is the configuration for filtering + EC2 instances. + properties: + name: + type: string + values: + items: + type: string + type: array + required: + - name + - values + type: object + type: array + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + region: + description: The AWS region + type: string + roleARN: + description: AWS Role ARN, an alternative to using AWS API keys. + type: string + secretKey: + description: SecretKey is the AWS API secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + fileSDConfigs: + description: FileSDConfigs defines a list of file service discovery + configurations. + items: + description: |- + FileSDConfig defines a file service discovery configuration. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#file_sd_configs) + properties: + files: + description: List of files to be used for file discovery. + items: + type: string + minItems: 1 + type: array + required: + - files + type: object + type: array + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + gceSDConfigs: + description: GCESDConfigs defines a list of GCE service discovery + configurations. + items: + description: |- + GCESDConfig configures scrape targets from GCP GCE instances. + The private IP address is used by default, but may be changed to + the public IP address with relabeling. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#gce_sd_configs) + + The GCE service discovery will load the Google Cloud credentials + from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. + See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform + properties: + filter: + description: |- + Filter can be used optionally to filter the instance list by other criteria + Syntax of this filter is described in the filter query parameter section: + https://cloud.google.com/compute/docs/reference/latest/instances/list + type: string + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + project: + description: The Google Cloud Project ID + minLength: 1 + type: string + tagSeparator: + description: The tag separator is used to separate the tags + on concatenation + type: string + zone: + description: The zone of the scrape targets. If you need multiple + zones use multiple GCESDConfigs. + x-kubernetes-preserve-unknown-fields: true + required: + - project + - zone + type: object + type: array + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + httpSDConfigs: + description: HTTPSDConfigs defines a list of HTTP service discovery + configurations. + items: + description: |- + HTTPSDConfig defines a HTTP service discovery configuration. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#http_sd_configs) + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL from which the targets are fetched. + minLength: 1 + pattern: ^http(s)?://.+$ + type: string + required: + - url + type: object + type: array + interval: + description: Interval at which metrics should be scraped + type: string + kubernetesSDConfigs: + description: KubernetesSDConfigs defines a list of Kubernetes service + discovery configurations. + items: + description: |- + KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#kubernetes_sd_configs) + properties: + apiServer: + description: |- + The API server address consisting of a hostname or IP address followed + by an optional port number. + If left empty, assuming process is running inside + of the cluster. It will discover API servers automatically and use the pod's + CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + type: string + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + namespaces: + description: Optional namespace discovery. If omitted, discover + targets across all namespaces. + properties: + names: + description: |- + List of namespaces where to watch for resources. + If empty and `ownNamespace` isn't true, watch for resources in all namespaces. + items: + type: string + type: array + ownNamespace: + description: Includes the namespace in which the pod exists + to the list of watched namespaces. + type: boolean + type: object + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + role: + description: Role of the Kubernetes entities that should be + discovered. + type: string + selectors: + description: Selector to select objects. + items: + description: K8SSelectorConfig is Kubernetes Selector Config + properties: + field: + type: string + label: + type: string + role: + type: string + required: + - role + type: object + type: array + x-kubernetes-list-map-keys: + - role + x-kubernetes-list-type: map + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - role + type: object + type: array + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + openstackSDConfigs: + description: OpenStackSDConfigs defines a list of OpenStack service + discovery configurations. + items: + description: |- + OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#openstack_sd_configs) + properties: + allTenants: + description: |- + Whether the service discovery should list all instances for all projects. + It is only relevant for the 'instance' role and usually requires admin permissions. + type: boolean + applicationCredentialId: + description: ApplicationCredentialID + type: string + applicationCredentialName: + description: |- + The ApplicationCredentialID or ApplicationCredentialName fields are + required if using an application credential to authenticate. Some providers + allow you to create an application credential to authenticate rather than a + password. + type: string + applicationCredentialSecret: + description: |- + The applicationCredentialSecret field is required if using an application + credential to authenticate. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + availability: + description: Availability of the endpoint to connect to. + enum: + - Public + - public + - Admin + - admin + - Internal + - internal + type: string + domainID: + description: DomainID + type: string + domainName: + description: |- + At most one of domainId and domainName must be provided if using username + with Identity V3. Otherwise, either are optional. + type: string + identityEndpoint: + description: |- + IdentityEndpoint specifies the HTTP endpoint that is required to work with + the Identity API of the appropriate version. + type: string + password: + description: |- + Password for the Identity V2 and V3 APIs. Consult with your provider's + control panel to discover your account's preferred method of authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + projectID: + description: ' ProjectID' + type: string + projectName: + description: |- + The ProjectId and ProjectName fields are optional for the Identity V2 API. + Some providers allow you to specify a ProjectName instead of the ProjectId. + Some require both. Your provider's authentication policies will determine + how these fields influence authentication. + type: string + region: + description: The OpenStack Region. + minLength: 1 + type: string + role: + description: The OpenStack role of entities that should be discovered. + enum: + - Instance + - instance + - Hypervisor + - hypervisor + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + userid: + description: UserID + type: string + username: + description: |- + Username is required if using Identity V2 API. Consult with your provider's + control panel to discover your account's username. + In Identity V3, either userid or a combination of username + and domainId or domainName are needed + type: string + required: + - region + - role + type: object + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + staticConfigs: + description: StaticConfigs defines a list of static targets with a + common label set. + items: + description: |- + StaticConfig defines a static configuration. + See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#static_configs) + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + x-kubernetes-map-type: atomic + targets: + description: List of targets for this static configuration. + items: + type: string + type: array + type: object + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmservicescrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMServiceScrape + listKind: VMServiceScrapeList + plural: vmservicescrapes + singular: vmservicescrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMServiceScrape is scrape configuration for endpoints associated with + kubernetes service, + it generates scrape configuration for vmagent based on selectors. + result config will scrape service endpoints + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMServiceScrapeSpec defines the desired state of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from service + discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + discoveryRole: + description: |- + DiscoveryRole - defines kubernetes_sd role for objects discovery. + by default, its endpoints. + can be changed to service or endpointslices. + note, that with service setting, you have to use port: "name" + and cannot use targetPort for endpoints. + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part of this ServiceScrape. + items: + description: Endpoint defines a scrapeable endpoint serving metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Service. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: |- + TargetPort + Name or number of the pod port this endpoint refers to. Mutually exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects by corresponding + Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMSingle + listKind: VMSingleList + plural: vmsingles + singular: vmsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of single node update process + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VMSingle is fast, cost-effective and scalable time-series database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMSingleSpec defines the desired state of VMSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMSingle to be configured with. + enum: + - default + - json + type: string + logLevel: + description: LogLevel for victoria metrics single to be configured + with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + removePvcAfterDelete: + description: |- + RemovePvcAfterDelete - if true, controller adds ownership to pvc + and after VMSingle object deletion - pvc will be garbage collected + by controller manager + type: boolean + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionPeriod: + description: |- + RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). + Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. + The default value is 1 (one month). + See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VMSingle + by default it`s empty dir + this option is ignored if storageDataPath is set + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-metrics binary --storageDataPath, + its users responsibility to mount proper device into given path. + It requires to provide spec.volumes and spec.volumeMounts with at least 1 value + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vmsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + streamAggrConfig: + description: StreamAggrConfig defines stream aggregation configuration + for VMSingle + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator before + stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first interval + type: integer + ignoreFirstSampleInterval: + description: IgnoreFirstSampleInterval sets interval for total + and prometheus_total during which first samples will be ignored + type: string + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples with + old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream aggregation + config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data in separate + windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + ignoreFirstSampleInterval: + description: IgnoreFirstSampleInterval sets interval for + total and prometheus_total during which first samples + will be ignored + type: string + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric names + as is for the output time series without adding any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vmBackup: + description: VMBackup configuration for backup + properties: + acceptEULA: + description: |- + AcceptEULA accepts enterprise feature usage, must be set to true. + otherwise backupmanager cannot be added to single/cluster version. + https://victoriametrics.com/legal/esa/ + Deprecated: use license.key or license.keyRef instead + type: boolean + concurrency: + description: Defines number of concurrent workers. Higher concurrency + may reduce backup duration (default 10) + format: int32 + type: integer + credentialsSecret: + description: |- + CredentialsSecret is secret in the same namespace for access to remote storage + The secret is mounted into /etc/vm/creds. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + customS3Endpoint: + description: Custom S3 endpoint for use with S3-compatible storages + (e.g. MinIO). S3 is used if not set + type: string + destination: + description: Defines destination for backup + type: string + destinationDisableSuffixAdd: + description: |- + DestinationDisableSuffixAdd - disables suffix adding for cluster version backups + each vmstorage backup must have unique backup folder + so operator adds POD_NAME as suffix for backup destination folder. + type: boolean + disableDaily: + description: Defines if daily backups disabled (default false) + type: boolean + disableHourly: + description: Defines if hourly backups disabled (default false) + type: boolean + disableMonthly: + description: Defines if monthly backups disabled (default false) + type: boolean + disableWeekly: + description: Defines if weekly backups disabled (default false) + type: boolean + extraArgs: + additionalProperties: + type: string + description: extra args like maxBytesPerSecond default 0 + type: object + extraEnvs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image - docker image settings for VMBackuper + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + logFormat: + description: |- + LogFormat for VMBackup to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMBackup to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + port: + description: Port for health check connections + type: string + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restore: + description: |- + Restore Allows to enable restore options for pod + Read [more](https://docs.victoriametrics.com/victoriametrics/vmbackupmanager/#restore-commands) + properties: + onStart: + description: OnStart defines configuration for restore on + pod start + properties: + enabled: + description: Enabled defines if restore on start enabled + type: boolean + type: object + type: object + snapshotCreateURL: + description: SnapshotCreateURL overwrites url for snapshot create + type: string + snapshotDeleteURL: + description: SnapShotDeleteURL overwrites url for snapshot delete + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. + VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VMSingleStatus defines the observed state of VMSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + singleStatus: + description: LegacyStatus is deprecated and will be removed at v0.52.0 + version + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmstaticscrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMStaticScrape + listKind: VMStaticScrapeList + plural: vmstaticscrapes + singular: vmstaticscrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMStaticScrape defines static targets configuration for scraping. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMStaticScrapeSpec defines the desired state of VMStaticScrape. + properties: + jobName: + description: JobName name of job. + type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetEndpoints: + description: A list of target endpoints to scrape metrics from. + items: + description: TargetEndpoint defines single static target endpoint. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + labels: + additionalProperties: + type: string + description: Labels static labels for targets. + type: object + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/victoriametrics/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targets: + description: Targets static targets addresses in form of ["192.122.55.55:9100","some-name:9100"]. + items: + type: string + minItems: 1 + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + required: + - targets + type: object + type: array + required: + - targetEndpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmusers.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMUser + listKind: VMUserList + plural: vmusers + singular: vmuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMUser is the Schema for the vmusers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMUserSpec defines the desired state of VMUser + properties: + bearerToken: + description: BearerToken Authorization header value for accessing + protected endpoint. + type: string + default_url: + description: |- + DefaultURLs backend url for non-matching paths filter + usually used for default backend with error message + items: + type: string + type: array + disable_secret_creation: + description: DisableSecretCreation skips related secret creation for + vmuser + type: boolean + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix backend + IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. + type: integer + dump_request_on_errors: + description: |- + DumpRequestOnErrors instructs vmauth to return detailed request params to the client + if routing rules don't allow to forward request to the backends. + Useful for debugging `src_hosts` and `src_headers` based routing rules + + available since v1.107.0 vmauth version + type: boolean + generatePassword: + description: |- + GeneratePassword instructs operator to generate password for user + if spec.password if empty. + type: boolean + headers: + description: |- + Headers represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + ip_filters: + description: |- + IPFilters defines per target src ip filters + supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) + properties: + allow_list: + items: + type: string + type: array + deny_list: + items: + type: string + type: array + type: object + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + max_concurrent_requests: + description: |- + MaxConcurrentRequests defines max concurrent requests per user + 300 is default value for vmauth + type: integer + metric_labels: + additionalProperties: + type: string + description: MetricLabels - additional labels for metrics exported + by vmauth for given user. + type: object + name: + description: Name of the VMUser object. + type: string + password: + description: Password basic auth password for accessing protected + endpoint. + type: string + passwordRef: + description: PasswordRef allows fetching password from user-create + secret by its name and key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + e.g. [429,503] + items: + type: integer + type: array + targetRefs: + description: TargetRefs - reference to endpoints, which user may access. + items: + description: |- + TargetRef describes target for user traffic forwarding. + one of target types can be chosen: + crd or static per targetRef. + user can define multiple targetRefs with different ref Types. + properties: + crd: + description: |- + CRD describes exist operator's CRD object, + operator generates access url based on CRD params. + properties: + kind: + description: |- + Kind one of: + VMAgent,VMAlert, VMSingle, VMCluster/vmselect, VMCluster/vmstorage,VMCluster/vminsert,VMAlertManager, VLSingle, VLCluster/vlinsert, VLCluster/vlselect, VLCluster/vlstorage, VTSingle, VTCluster/vtinsert, VTCluster/vtselect, VTCluster/vtstorage and VLAgent + enum: + - VMAgent + - VMAlert + - VMSingle + - VLogs + - VMAlertManager + - VMAlertmanager + - VMCluster/vmselect + - VMCluster/vmstorage + - VMCluster/vminsert + - VLSingle + - VLCluster/vlinsert + - VLCluster/vlselect + - VLCluster/vlstorage + - VLAgent + - VTCluster/vtinsert + - VTCluster/vtselect + - VTCluster/vtstorage + - VTSingle + type: string + name: + description: Name target CRD object name + type: string + namespace: + description: Namespace target CRD object namespace. + type: string + required: + - kind + - name + - namespace + type: object + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. + type: integer + headers: + description: |- + RequestHeaders represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + hosts: + items: + type: string + type: array + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + paths: + description: Paths - matched path to route. + items: + type: string + type: array + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + Can be defined per target or at VMUser.spec level + e.g. [429,503] + items: + type: integer + type: array + src_headers: + description: SrcHeaders is an optional list of headers, which + must match request headers. + items: + type: string + type: array + src_query_args: + description: SrcQueryArgs is an optional list of query args, + which must match request URL query args. + items: + type: string + type: array + static: + description: |- + Static - user defined url for traffic forward, + for instance http://vmsingle:8428 + properties: + url: + description: URL http url for given staticRef. + type: string + urls: + description: URLs allows setting multiple urls for load-balancing + at vmauth-side. + items: + type: string + type: array + type: object + target_path_suffix: + description: |- + TargetPathSuffix allows to add some suffix to the target path + It allows to hide tenant configuration from user with crd as ref. + it also may contain any url encoded params. + type: string + targetRefBasicAuth: + description: TargetRefBasicAuth allow an target endpoint to + authenticate over basic authentication + properties: + password: + description: |- + The secret in the service scrape namespace that contains the password + for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: |- + The secret in the service scrape namespace that contains the username + for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - password + - username + type: object + type: object + type: array + tlsConfig: + description: TLSConfig defines tls configuration for the backend connection + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: TokenRef allows fetching token from user-created secrets + by its name and key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: |- + UserName basic auth user name for accessing protected endpoint, + will be replaced with metadata.name of VMUser if omitted. + type: string + required: + - targetRefs + type: object + status: + description: VMUserStatus defines the observed state of VMUser + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vtclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VTCluster + listKind: VTClusterList + plural: vtclusters + singular: vtcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VTInsert + jsonPath: .spec.vtinsert.replicaCount + name: Insert Count + type: string + - description: replicas of VTStorage + jsonPath: .spec.vtstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VTSelect + jsonPath: .spec.vtselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: VTCluster is fast, cost-effective and scalable traces database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VTClusterSpec defines the desired state of VTCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vtinsert and vtselect to build vtstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + insert: + description: VTInsert defines vtinsert component configuration at + victoria-traces cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VTSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VTSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VTSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vtselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vtselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vtinsert and vtselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + select: + description: VTSelect defines vtselect component configuration at + victoria-traces cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VTSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VTSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VTSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vtselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vtselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VTSelect, VTInsert and VTStorage Pods. + type: string + storage: + description: VTStorage defines vtstorage component configuration at + victoria-traces cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored traces + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion + see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VTStorage to be configured with. + default or json + enum: + - default + - json + type: string + logIngestedRows: + description: |- + Whether to log all the ingested log entries; this can be useful for debugging of data ingestion + see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + type: boolean + logLevel: + description: LogLevel for VTStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: |- + LogNewStreams Whether to log creation of new streams; this can be useful for debugging of high cardinality issues with log streams + see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + type: boolean + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolumeClaimRetentionPolicy: + description: PersistentVolumeClaimRetentionPolicy allows configuration + of PVC retention policy + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VTStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored traces + VictoriaTraces keeps at least two last days of data in order to guarantee that the traces for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored traces + https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + rollingUpdateStrategyBehavior: + description: |- + RollingUpdateStrategyBehavior defines customized behavior for rolling updates. + It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + MaxUnavailable defines the maximum number of pods that can be unavailable during the update. + It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). + For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vtselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vtselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures persistent volume for VTStorage + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSets/Deployments. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + type: object + status: + description: VTClusterStatus defines the observed state of VTCluster + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vtsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VTSingle + listKind: VTSingleList + plural: vtsingles + singular: vtsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of traces instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: |- + VTSingle is fast, cost-effective and scalable traces database. + VTSingle is the Schema for the API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VTSingleSpec defines the desired state of VTSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored traces + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; + see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + pattern: ^[0-9]+(h|d|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VTSingle to be configured with. + enum: + - default + - json + type: string + logIngestedRows: + description: |- + Whether to log all the ingested log entries; this can be useful for debugging of data ingestion; + see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + type: boolean + logLevel: + description: LogLevel for VictoriaTraces to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: |- + LogNewStreams Whether to log creation of new streams; this can be useful for debugging of high cardinality issues with log streams; + see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + type: boolean + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VTSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored traces + VictoriaTraces keeps at least two last days of data in order to guarantee that the traces for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored traces + https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vtsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vtsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VTSingle + by default it`s empty dir + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-traces binary --storageDataPath, + its users responsibility to mount proper device into given path. + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vtsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VTSingleStatus defines the observed state of VTSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/victoria-metrics-operator/charts/crds/files/crd.yaml.bz2 b/charts/victoria-metrics-operator/charts/crds/files/crd.yaml.bz2 new file mode 100644 index 000000000..de8c08f2b Binary files /dev/null and b/charts/victoria-metrics-operator/charts/crds/files/crd.yaml.bz2 differ diff --git a/charts/victoria-metrics-operator/charts/crds/templates/_helpers.yaml b/charts/victoria-metrics-operator/charts/crds/templates/_helpers.yaml new file mode 100644 index 000000000..65e96fc6c --- /dev/null +++ b/charts/victoria-metrics-operator/charts/crds/templates/_helpers.yaml @@ -0,0 +1,13 @@ +{{- define "crds.upgrade.name" -}} +{{- print (include "vm.plain.fullname" .) "-upgrade-crds" }} +{{- end -}} + +{{- define "crds.upgrade.serviceAccountName" -}} +{{- $Values := (.helm).Values | default .Values }} +{{- $upgrade := $Values.upgrade }} +{{- if $upgrade.serviceAccount.create -}} + {{ default (include "crds.upgrade.name" .) $upgrade.serviceAccount.name }} +{{- else -}} + {{ default "default" $upgrade.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-operator/charts/crds/templates/cm.yaml b/charts/victoria-metrics-operator/charts/crds/templates/cm.yaml new file mode 100644 index 000000000..40cd8ed58 --- /dev/null +++ b/charts/victoria-metrics-operator/charts/crds/templates/cm.yaml @@ -0,0 +1,18 @@ +{{- if .Values.upgrade.enabled }} +{{- $ctx := dict "helm" . }} +{{- $upgrade := .Values.upgrade }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "crds.upgrade.serviceAccountName" $ctx }} + namespace: {{ template "vm.namespace" $ctx }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + "helm.sh/hook-weight": "-2" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- $_ := set $ctx "extraLabels" (dict "app.kubernetes.io/component" "upgrade-crds") }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +binaryData: + crd.yaml.bz2: {{ .Files.Get "files/crd.yaml.bz2" | b64enc }} +{{- end }} diff --git a/charts/victoria-metrics-operator/charts/crds/templates/job.yaml b/charts/victoria-metrics-operator/charts/crds/templates/job.yaml new file mode 100644 index 000000000..d4e544dbb --- /dev/null +++ b/charts/victoria-metrics-operator/charts/crds/templates/job.yaml @@ -0,0 +1,124 @@ +{{- if .Values.upgrade.enabled }} +{{- $app := .Values.upgrade }} +{{- if empty (($app.kubectl).image).tag }} + {{- $tag := regexSplit "[+-]" .Capabilities.KubeVersion.Version -1 | first -}} + {{- $_ := set $app.kubectl.image "tag" $tag }} +{{- else if not (kindIs "string" (($app.kubectl).image).tag) }} + {{- fail "`crd.upgrade.kubectl.image.tag` is not string, most probably you need to enquote provided value" -}} +{{- end }} +{{- $ctx := dict "helm" . "noEnterprise" true }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "crds.upgrade.name" $ctx }} + namespace: {{ template "vm.namespace" $ctx }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + "helm.sh/hook-weight": "5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- with $app.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- $_ := set $ctx "extraLabels" $app.labels }} + {{- $_ := set $ctx.extraLabels "app.kubernetes.io/component" "upgrade-crds" }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: + backoffLimit: 3 + template: + metadata: + {{- with $app.podLabels }} + labels: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $app.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with (.Values.imagePullSecrets | default .Values.global.imagePullSecrets) }} + imagePullSecrets: {{ toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "crds.upgrade.serviceAccountName" . }} + {{- if $app.podSecurityContext.enabled }} + securityContext: {{ include "vm.securityContext" (dict "securityContext" $app.podSecurityContext "helm" .) | nindent 8 }} + {{- end }} + initContainers: + - name: busybox + {{- $_ := set $ctx "appKey" (list "upgrade" "busybox") }} + image: {{ include "vm.image" $ctx }} + imagePullPolicy: {{ $app.busybox.image.pullPolicy }} + workingDir: /tmp/ + command: + - sh + args: + - -c + - bzcat /crds/crd.yaml.bz2 > /tmp/crd.yaml + {{- with $app.resources }} + resources: {{ toYaml . | nindent 12 }} + {{- end }} + {{- with $app.securityContext }} + securityContext: {{ toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /crds/ + name: crds + - mountPath: /tmp/ + name: tmp + {{- with $app.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with $app.env }} + env: {{ toYaml . | nindent 12 }} + {{- end }} + containers: + - name: kubectl + {{- $_ := set $ctx "appKey" (list "upgrade" "kubectl") }} + image: {{ include "vm.image" $ctx }} + imagePullPolicy: {{ $app.kubectl.image.pullPolicy }} + command: + - kubectl + args: + - apply + - --server-side + {{- if $app.forceConflicts }} + - --force-conflicts + {{- end }} + - --filename + - /tmp/crd.yaml + {{- with $app.resources }} + resources: {{ toYaml . | nindent 12 }} + {{- end }} + {{- with $app.securityContext }} + securityContext: {{ toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /tmp/ + name: tmp + {{- with $app.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with $app.env }} + env: {{ toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: tmp + emptyDir: {} + - name: crds + configMap: + name: {{ template "crds.upgrade.name" . }} + {{- with $app.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + restartPolicy: OnFailure + {{- with $app.nodeSelector }} + nodeSelector: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $app.tolerations }} + tolerations: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $app.affinity }} + affinity: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $app.topologySpreadConstraints }} + topologySpreadConstraints: {{ toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-operator/charts/crds/templates/role.yaml b/charts/victoria-metrics-operator/charts/crds/templates/role.yaml new file mode 100644 index 000000000..7cb71a2dd --- /dev/null +++ b/charts/victoria-metrics-operator/charts/crds/templates/role.yaml @@ -0,0 +1,52 @@ +{{- if .Values.upgrade.enabled }} +{{- $ctx := dict "helm" . }} +{{- $_ := set $ctx "extraLabels" (dict "app.kubernetes.io/component" "upgrade-crds") }} +{{- $labels := include "vm.labels" $ctx }} +{{- $_ := unset $ctx "extraLabels" }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crds.upgrade.name" . }} + namespace: {{ template "vm.namespace" . }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: {{ $labels | nindent 4 }} + {{- $crds := .Files.Get "crds/crd.yaml" | splitList "---" }} +rules: + - apiGroups: + - "apiextensions.k8s.io" + resources: + - "customresourcedefinitions" + verbs: + - create + - patch + - update + - get + - list + resourceNames: + {{- range $crds }} + {{- $crd := fromYaml . }} + - {{ $crd.metadata.name }} + {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "crds.upgrade.name" . }} + namespace: {{ template "vm.namespace" . }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + "helm.sh/hook-weight": "-3" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: {{ $labels | nindent 4 }} +subjects: + - kind: ServiceAccount + namespace: {{ template "vm.namespace" . }} + name: {{ template "crds.upgrade.serviceAccountName" . }} +roleRef: + kind: ClusterRole + name: {{ template "crds.upgrade.name" . }} + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/victoria-metrics-operator/charts/crds/templates/serviceaccount.yaml b/charts/victoria-metrics-operator/charts/crds/templates/serviceaccount.yaml new file mode 100644 index 000000000..5eb25578d --- /dev/null +++ b/charts/victoria-metrics-operator/charts/crds/templates/serviceaccount.yaml @@ -0,0 +1,24 @@ +{{- $upgrade := .Values.upgrade }} +{{- if and $upgrade.enabled $upgrade.serviceAccount.create }} +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +{{- $sa := $upgrade.serviceAccount }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ $sa.automountServiceAccountToken }} +metadata: + name: {{ include "crds.upgrade.name" . }} + namespace: {{ $ns }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- with $sa.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- $_ := set $ctx "extraLabels" $sa.labels }} + {{- $_ := set $ctx.extraLabels "app.kubernetes.io/component" "upgrade-crds" }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +{{- end }} diff --git a/charts/victoria-metrics-operator/charts/crds/values.yaml b/charts/victoria-metrics-operator/charts/crds/values.yaml index e69de29bb..dbfd2e007 100644 --- a/charts/victoria-metrics-operator/charts/crds/values.yaml +++ b/charts/victoria-metrics-operator/charts/crds/values.yaml @@ -0,0 +1,2 @@ +upgrade: + enabled: true diff --git a/charts/victoria-metrics-operator/crd.yaml b/charts/victoria-metrics-operator/crd.yaml index 1b0f84a20..3eec95bef 100644 --- a/charts/victoria-metrics-operator/crd.yaml +++ b/charts/victoria-metrics-operator/crd.yaml @@ -50,2077 +50,10 @@ spec: type: object spec: description: VLAgentSpec defines the desired state of VLAgent - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - claimTemplates: - description: 'ClaimTemplates allows adding additional VolumeClaimTemplates - for VLAgent in Mode: StatefulSet' - items: - description: PersistentVolumeClaim is a user's request for and claim - to a persistent volume - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: |- - Standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - type: object - x-kubernetes-preserve-unknown-fields: true - spec: - description: |- - spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status of - resource being resized for the given PVC.\nKey names follow - standard Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus - can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with a - terminal error.\n\t- NodeResizePending:\n\t\tState set - when resize controller has finished resizing the volume - but further resizing of\n\t\tvolume is needed on the node.\n\t- - NodeResizeInProgress:\n\t\tState set when kubelet starts - resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this field - can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, it - means that no resize operation is in progress for the - given PVC.\n\nA controller that receives PVC update with - previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources allocated - to a PVC including its capacity.\nKey names follow standard - Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nCapacity - reported here may be larger than the actual capacity when - a volume expansion operation\nis requested.\nFor storage - quota, the larger value from allocatedResources and PVC.spec.resources - is used.\nIf allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and if - the actual volume capacity\nis equal or lower than the - requested capacity.\n\nA controller that receives PVC - update with previously unknown resourceName\nshould ignore - the update for the purpose it was designed. For example - - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of - the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains details - about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the - condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition - transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible indicates - that the request has been rejected as invalid by the - CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass - needs to be specified.\nNote: New statuses can be - added in the future. Consumers should check for unknown - statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: array - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VLAgent to be configured with. - enum: - - default - - json - type: string - logLevel: - description: |- - LogLevel for VLAgent to be configured with. - INFO, WARN, ERROR, FATAL, PANIC - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the vlagent pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - remoteWrite: - description: |- - RemoteWrite list of victoria logs endpoints - for victorialogs it must looks like: http://victoria-logs-single:9428/ - or for cluster different url - https://docs.victoriametrics.com/victorialogs/vlagent/#replication-and-high-availability - items: - description: VLAgentRemoteWriteSpec defines the remote storage configuration - for VmAgent - properties: - bearerTokenPath: - description: Optional bearer auth token to use for -remoteWrite.url - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName: headerValue - items: - type: string - type: array - maxDiskUsage: - description: |- - MaxDiskUsage defines the maximum file-based buffer size in bytes for the given remoteWrite - It overrides global configuration defined at remoteWriteSettings.maxDiskUsagePerURL - x-kubernetes-preserve-unknown-fields: true - oauth2: - description: OAuth2 defines auth configuration - properties: - clientIDFile: - description: ClientIDFile defines path to pre-mounted OAuth2 - client id - type: string - clientIDSecret: - description: ClientIDSecret defines secret or configmap - containing the OAuth2 client id - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - clientSecret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - clientSecretFile: - description: ClientSecretFile defines path to pre-mounted - OAuth2 client secret - type: string - endpointParams: - additionalProperties: - type: string - description: EndpointParams to append to the token URL - type: object - scopes: - description: Scopes used for the token request - items: - type: string - type: array - tokenURL: - description: TokenURL defines URL to fetch the token from - minLength: 1 - type: string - required: - - tokenURL - type: object - proxyURL: - description: 'ProxyURL for -remoteWrite.url. Supported proxies: - http, https, socks5. Example: socks5://proxy:1234' - type: string - sendTimeout: - description: Timeout for sending a single block of data to -remoteWrite.url - (default 1m0s) - pattern: '[0-9]+(ms|s|m|h)' - type: string - tlsConfig: - description: TLSConfig describes tls configuration for remote - write target - properties: - caFile: - description: CAFile defines path to the pre-mounted file - with TLS ca certificate - type: string - caSecretKeyRef: - description: CASecret defines secret reference with tls - CA key by given key - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - certFile: - description: |- - CertFile defines path to the pre-mounted file with TLS certificate - mutually exclusive with CertSecret - type: string - certSecretKeyRef: - description: |- - CertSecret defines secret reference with TLS cert by given key - mutually exclusive with CASecret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: |- - KeyFile defines path to the pre-mounted file with TLS cert key - mutually exclusive with CertSecret - type: string - keySecretKeyRef: - description: CertSecret defines secret reference with TLS - key by given key - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - url: - description: URL of the endpoint to send samples to. - type: string - required: - - url - type: object - type: array - remoteWriteSettings: - description: RemoteWriteSettings defines global settings for all remoteWrite - urls. - properties: - flushInterval: - description: Interval for flushing the data to remote storage. - (default 1s) - pattern: '[0-9]+(ms|s|m|h)' - type: string - maxBlockSize: - description: The maximum size of unpacked request to send to remote - storage - x-kubernetes-preserve-unknown-fields: true - maxDiskUsagePerURL: - description: The maximum file-based buffer size in bytes at -remoteWrite.tmpDataPath - x-kubernetes-preserve-unknown-fields: true - queues: - description: The number of concurrent queues - format: int32 - type: integer - showURL: - description: Whether to show -remoteWrite.url in the exported - metrics. It is hidden by default, since it can contain sensitive - auth info - type: boolean - tmpDataPath: - description: |- - Path to directory where temporary data for remote write component is stored (default /vlagent_pq/vlagent-remotewrite-data) - If defined, operator ignores spec.storage field and skips adding volume and volumeMount for pq - type: string - type: object - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdateStrategy: - description: |- - StatefulRollingUpdateStrategy allows configuration for strategyType - set it to RollingUpdate for disabling operator statefulSet rollingUpdate - type: string - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vlagent VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vlagent service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: StatefulStorage configures storage for StatefulSet - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - Spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to - consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - Status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nClaimResourceStatus can be in any - of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with - a terminal error.\n\t- NodeResizePending:\n\t\tState - set when resize controller has finished resizing the - volume but further resizing of\n\t\tvolume is needed - on the node.\n\t- NodeResizeInProgress:\n\t\tState set - when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this - field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, - it means that no resize operation is in progress for - the given PVC.\n\nA controller that receives PVC update - with previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources - allocated to a PVC including its capacity.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nCapacity reported here may be larger - than the actual capacity when a volume expansion operation\nis - requested.\nFor storage quota, the larger value from - allocatedResources and PVC.spec.resources is used.\nIf - allocatedResources is not set, PVC.spec.resources alone - is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and - if the actual volume capacity\nis equal or lower than - the requested capacity.\n\nA controller that receives - PVC update with previously unknown resourceName\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains - details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed - the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the - condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible - indicates that the request has been rejected as - invalid by the CSI driver. To\n\t resolve the error, - a valid VolumeAttributesClass needs to be specified.\nNote: - New statuses can be added in the future. Consumers - should check for unknown statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: object - syslogSpec: - description: SyslogSpec defines syslog listener configuration - properties: - tcpListeners: - description: TCPListeners defines syslog server TCP listener configuration - items: - description: SyslogTCPListener defines configuration for TCP - syslog server listen - properties: - compressMethod: - description: |- - CompressMethod for syslog messages - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression - pattern: ^(none|zstd|gzip|deflate)$ - type: string - decolorizeFields: - description: |- - DecolorizeFields to remove ANSI color codes across logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields - type: string - ignoreFields: - description: |- - IgnoreFields to ignore at logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields - type: string - listenPort: - description: ListenPort defines listen port - format: int32 - type: integer - streamFields: - description: |- - StreamFields to use as log stream labels - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields - type: string - tenantID: - description: |- - TenantID for logs ingested in form of accountID:projectID - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs - type: string - tlsConfig: - description: TLSServerConfig defines VictoriaMetrics TLS - configuration for the application's server - properties: - certFile: - description: |- - CertFile defines path to the pre-mounted file with certificate - mutually exclusive with CertSecret - type: string - certSecret: - description: |- - CertSecretRef defines reference for secret with certificate content under given key - mutually exclusive with CertFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - keyFile: - description: |- - KeyFile defines path to the pre-mounted file with certificate key - mutually exclusive with KeySecretRef - type: string - keySecret: - description: |- - Key defines reference for secret with certificate key content under given key - mutually exclusive with KeyFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - listenPort - type: object - type: array - udpListeners: - description: UDPListeners defines syslog server UDP listener configuration - items: - description: SyslogUDPListener defines configuration for UDP - syslog server listen - properties: - compressMethod: - description: |- - CompressMethod for syslog messages - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression - pattern: ^(none|zstd|gzip|deflate)$ - type: string - decolorizeFields: - description: |- - DecolorizeFields to remove ANSI color codes across logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields - type: string - ignoreFields: - description: |- - IgnoreFields to ignore at logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields - type: string - listenPort: - description: ListenPort defines listen port - format: int32 - type: integer - streamFields: - description: |- - StreamFields to use as log stream labels - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields - type: string - tenantID: - description: |- - TenantID for logs ingested in form of accountID:projectID - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs - type: string - required: - - listenPort - type: object - type: array - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array required: - remoteWrite type: object + x-kubernetes-preserve-unknown-fields: true status: description: VLAgentStatus defines the observed state of VLAgent properties: @@ -2276,2621 +209,8 @@ spec: type: object spec: description: VLClusterSpec defines the desired state of VLCluster - properties: - clusterDomainName: - description: |- - ClusterDomainName defines domain name suffix for in-cluster dns addresses - aka .cluster.local - used by vlinsert and vlselect to build vlstorage address - type: string - clusterVersion: - description: |- - ClusterVersion defines default images tag for all components. - it can be overwritten with component specific image.tag value. - type: string - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - requestsLoadBalancer: - description: |- - RequestsLoadBalancer configures load-balancing for vlinsert and vlselect requests. - It helps to evenly spread load across pods. - Usually it's not possible with Kubernetes TCP-based services. - properties: - disableInsertBalancing: - type: boolean - disableSelectBalancing: - type: boolean - enabled: - type: boolean - spec: - description: |- - VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer - for VMCluster component - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - serviceAccountName: - description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the - VLSelect, VLInsert and VLStorage Pods. - type: string - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - vlinsert: - description: VLInsert defines vlinsert component configuration at - victoria-logs cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - hpa: - description: Configures horizontal pod autoscaling. - type: object - x-kubernetes-preserve-unknown-fields: true - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VLSelect to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VLSelect to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VLSelect pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vlselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vlselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - syslogSpec: - description: SyslogSpec defines syslog listener configuration - properties: - tcpListeners: - description: TCPListeners defines syslog server TCP listener - configuration - items: - description: SyslogTCPListener defines configuration for - TCP syslog server listen - properties: - compressMethod: - description: |- - CompressMethod for syslog messages - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression - pattern: ^(none|zstd|gzip|deflate)$ - type: string - decolorizeFields: - description: |- - DecolorizeFields to remove ANSI color codes across logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields - type: string - ignoreFields: - description: |- - IgnoreFields to ignore at logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields - type: string - listenPort: - description: ListenPort defines listen port - format: int32 - type: integer - streamFields: - description: |- - StreamFields to use as log stream labels - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields - type: string - tenantID: - description: |- - TenantID for logs ingested in form of accountID:projectID - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs - type: string - tlsConfig: - description: TLSServerConfig defines VictoriaMetrics - TLS configuration for the application's server - properties: - certFile: - description: |- - CertFile defines path to the pre-mounted file with certificate - mutually exclusive with CertSecret - type: string - certSecret: - description: |- - CertSecretRef defines reference for secret with certificate content under given key - mutually exclusive with CertFile - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - keyFile: - description: |- - KeyFile defines path to the pre-mounted file with certificate key - mutually exclusive with KeySecretRef - type: string - keySecret: - description: |- - Key defines reference for secret with certificate key content under given key - mutually exclusive with KeyFile - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - listenPort - type: object - type: array - udpListeners: - description: UDPListeners defines syslog server UDP listener - configuration - items: - description: SyslogUDPListener defines configuration for - UDP syslog server listen - properties: - compressMethod: - description: |- - CompressMethod for syslog messages - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression - pattern: ^(none|zstd|gzip|deflate)$ - type: string - decolorizeFields: - description: |- - DecolorizeFields to remove ANSI color codes across logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields - type: string - ignoreFields: - description: |- - IgnoreFields to ignore at logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields - type: string - listenPort: - description: ListenPort defines listen port - format: int32 - type: integer - streamFields: - description: |- - StreamFields to use as log stream labels - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields - type: string - tenantID: - description: |- - TenantID for logs ingested in form of accountID:projectID - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs - type: string - required: - - listenPort - type: object - type: array - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: UpdateStrategy - overrides default update strategy. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - vlselect: - description: VLSelect defines vlselect component configuration at - victoria-logs cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - hpa: - description: Configures horizontal pod autoscaling. - type: object - x-kubernetes-preserve-unknown-fields: true - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VLSelect to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VLSelect to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VLSelect pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vlselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vlselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: UpdateStrategy - overrides default update strategy. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - vlstorage: - description: VLStorage defines vlstorage component configuration at - victoria-logs cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for StatefulSet - items: - description: PersistentVolumeClaim is a user's request for and - claim to a persistent volume - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - futureRetention: - description: |- - FutureRetention for the stored logs - Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VLStorage to be configured with. - default or json - enum: - - default - - json - type: string - logIngestedRows: - description: Whether to log all the ingested log entries; this - can be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ - type: boolean - logLevel: - description: LogLevel for VLStorage to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - logNewStreams: - description: LogNewStreams Whether to log creation of new streams; - this can be useful for debugging of high cardinality issues - with log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields - type: boolean - maintenanceInsertNodeIDs: - description: |- - MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. - lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. - Useful at storage expanding, when you want to rebalance some data at cluster. - items: - format: int32 - type: integer - type: array - maintenanceSelectNodeIDs: - description: MaintenanceInsertNodeIDs - excludes given node ids - from select requests routing, must contain pod suffixes - for - pod-0, id will be 0 and etc. - items: - format: int32 - type: integer - type: array - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VLStorage pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - retentionMaxDiskSpaceUsageBytes: - description: |- - RetentionMaxDiskSpaceUsageBytes for the stored logs - VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. - This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, - if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. - https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage - type: string - retentionPeriod: - description: |- - RetentionPeriod for the stored logs - https://docs.victoriametrics.com/victorialogs/#retention - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdateStrategy: - description: |- - RollingUpdateStrategy defines strategy for application updates - Default is OnDelete, in this case operator handles update process - Can be changed for RollingUpdate - type: string - rollingUpdateStrategyBehavior: - description: |- - RollingUpdateStrategyBehavior defines customized behavior for rolling updates. - It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - MaxUnavailable defines the maximum number of pods that can be unavailable during the update. - It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). - For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vlselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vlselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: Storage configures persistent volume for VLStorage - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - storageDataPath: - description: StorageDataPath - path to storage data - type: string - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object type: object + x-kubernetes-preserve-unknown-fields: true status: description: VLClusterStatus defines the observed state of VLCluster properties: @@ -5165,1139 +485,27 @@ spec: type: object spec: description: VLSingleSpec defines the desired state of VLSingle + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VLSingleStatus defines the observed state of VLSingle properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' items: - description: EnvVar represents an environment variable present in - a Container. + description: Condition defines status condition of the resource properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time type: string - value: + lastUpdateTime: description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - futureRetention: - description: |- - FutureRetention for the stored logs - Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention - pattern: ^[0-9]+(h|d|y)?$ - type: string - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VLSingle to be configured with. - enum: - - default - - json - type: string - logIngestedRows: - description: Whether to log all the ingested log entries; this can - be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ - type: boolean - logLevel: - description: LogLevel for VictoriaLogs to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - logNewStreams: - description: LogNewStreams Whether to log creation of new streams; - this can be useful for debugging of high cardinality issues with - log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields - type: boolean - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the VLSingle pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - retentionMaxDiskSpaceUsageBytes: - description: |- - RetentionMaxDiskSpaceUsageBytes for the stored logs - VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. - This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, - if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. - https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage - type: string - retentionPeriod: - description: |- - RetentionPeriod for the stored logs - https://docs.victoriametrics.com/victorialogs/#retention - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vlsingle VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vlsingle service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: |- - Storage is the definition of how storage will be used by the VLSingle - by default it`s empty dir - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the PersistentVolume - backing this claim. - type: string - type: object - storageDataPath: - description: |- - StorageDataPath disables spec.storage option and overrides arg for victoria-logs binary --storageDataPath, - its users responsibility to mount proper device into given path. - type: string - storageMetadata: - description: StorageMeta defines annotations and labels attached to - PVC for given vlsingle CR - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - syslogSpec: - description: SyslogSpec defines syslog listener configuration - properties: - tcpListeners: - description: TCPListeners defines syslog server TCP listener configuration - items: - description: SyslogTCPListener defines configuration for TCP - syslog server listen - properties: - compressMethod: - description: |- - CompressMethod for syslog messages - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression - pattern: ^(none|zstd|gzip|deflate)$ - type: string - decolorizeFields: - description: |- - DecolorizeFields to remove ANSI color codes across logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields - type: string - ignoreFields: - description: |- - IgnoreFields to ignore at logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields - type: string - listenPort: - description: ListenPort defines listen port - format: int32 - type: integer - streamFields: - description: |- - StreamFields to use as log stream labels - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields - type: string - tenantID: - description: |- - TenantID for logs ingested in form of accountID:projectID - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs - type: string - tlsConfig: - description: TLSServerConfig defines VictoriaMetrics TLS - configuration for the application's server - properties: - certFile: - description: |- - CertFile defines path to the pre-mounted file with certificate - mutually exclusive with CertSecret - type: string - certSecret: - description: |- - CertSecretRef defines reference for secret with certificate content under given key - mutually exclusive with CertFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - keyFile: - description: |- - KeyFile defines path to the pre-mounted file with certificate key - mutually exclusive with KeySecretRef - type: string - keySecret: - description: |- - Key defines reference for secret with certificate key content under given key - mutually exclusive with KeyFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - listenPort - type: object - type: array - udpListeners: - description: UDPListeners defines syslog server UDP listener configuration - items: - description: SyslogUDPListener defines configuration for UDP - syslog server listen - properties: - compressMethod: - description: |- - CompressMethod for syslog messages - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression - pattern: ^(none|zstd|gzip|deflate)$ - type: string - decolorizeFields: - description: |- - DecolorizeFields to remove ANSI color codes across logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields - type: string - ignoreFields: - description: |- - IgnoreFields to ignore at logs - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields - type: string - listenPort: - description: ListenPort defines listen port - format: int32 - type: integer - streamFields: - description: |- - StreamFields to use as log stream labels - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields - type: string - tenantID: - description: |- - TenantID for logs ingested in form of accountID:projectID - see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs - type: string - required: - - listenPort - type: object - type: array - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - status: - description: VLSingleStatus defines the observed state of VLSingle - properties: - conditions: - description: 'Known .status.conditions.type are: "Available", "Progressing", - and "Degraded"' - items: - description: Condition defines status condition of the resource - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. - format: date-time - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the last time of given type update. - This value is used for status TTL update and removal - format: date-time + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time type: string message: description: |- @@ -6421,4919 +629,71 @@ spec: type: object spec: description: VMAgentSpec defines the desired state of VMAgent + required: + - remoteWrite + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VMAgentStatus defines the observed state of VMAgent properties: - aPIServerConfig: - description: |- - APIServerConfig allows specifying a host and auth methods to access apiserver. - If left empty, VMAgent is assumed to run inside of the cluster - and will discover API servers automatically and use the pod's CA certificate - and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. - aPIServerConfig is deprecated use apiServerConfig instead - required: - - host - type: object - x-kubernetes-preserve-unknown-fields: true - additionalScrapeConfigs: - description: |- - AdditionalScrapeConfigs As scrape configs are appended, the user is responsible to make sure it - is valid. Note that using this feature may expose the possibility to - break upgrades of VMAgent. It is advised to review VMAgent release - notes to ensure that no incompatible scrape configs are going to break - VMAgent after the upgrade. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - apiServerConfig: - description: |- - APIServerConfig allows specifying a host and auth methods to access apiserver. - If left empty, VMAgent is assumed to run inside of the cluster - and will discover API servers automatically and use the pod's CA certificate - and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. - properties: - authorization: - description: Authorization configures generic authorization params - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerToken: - description: Bearer token for accessing apiserver. - type: string - bearerTokenFile: - description: File to read bearer token for accessing apiserver. - type: string - host: - description: |- - Host of apiserver. - A valid string consisting of a hostname or IP followed by an optional port number - type: string - tlsConfig: - description: TLSConfig Config to use for accessing apiserver. - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for - the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - required: - - host - type: object - arbitraryFSAccessThroughSMs: - description: |- - ArbitraryFSAccessThroughSMs configures whether configuration - based on EndpointAuth can access arbitrary files on the file system - of the VMAgent container e.g. bearer token files, basic auth, tls certs - properties: - deny: - type: boolean - type: object - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for VMAgent in StatefulMode + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' items: - description: PersistentVolumeClaim is a user's request for and claim - to a persistent volume + description: Condition defines status condition of the resource properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time type: string - kind: + lastUpdateTime: description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time type: string - metadata: - description: |- - Standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - type: object - x-kubernetes-preserve-unknown-fields: true - spec: - description: |- - spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: + message: description: |- - status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status of - resource being resized for the given PVC.\nKey names follow - standard Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus - can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with a - terminal error.\n\t- NodeResizePending:\n\t\tState set - when resize controller has finished resizing the volume - but further resizing of\n\t\tvolume is needed on the node.\n\t- - NodeResizeInProgress:\n\t\tState set when kubelet starts - resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this field - can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, it - means that no resize operation is in progress for the - given PVC.\n\nA controller that receives PVC update with - previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources allocated - to a PVC including its capacity.\nKey names follow standard - Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nCapacity - reported here may be larger than the actual capacity when - a volume expansion operation\nis requested.\nFor storage - quota, the larger value from allocatedResources and PVC.spec.resources - is used.\nIf allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and if - the actual volume capacity\nis equal or lower than the - requested capacity.\n\nA controller that receives PVC - update with previously unknown resourceName\nshould ignore - the update for the purpose it was designed. For example - - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of - the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains details - about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the - condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition - transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible indicates - that the request has been rejected as invalid by the - CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass - needs to be specified.\nNote: New statuses can be - added in the future. Consumers should check for unknown - statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: array - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - configReloadAuthKeySecret: - description: |- - ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. - Given secret reference will be added to the application and vm-config-reloader as volume - available since v0.57.0 version - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - configReloaderExtraArgs: - additionalProperties: - type: string - description: |- - ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container - for example resyncInterval: "30s" - type: object - configReloaderImageTag: - description: ConfigReloaderImageTag defines image:tag for config-reloader - container - type: string - configReloaderResources: - description: |- - ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - daemonSetMode: - description: |- - DaemonSetMode enables DaemonSet deployment mode instead of Deployment. - Supports only VMPodScrape - (available from v0.55.0). - Cannot be used with statefulMode - type: boolean - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - enableKubernetesAPISelectors: - description: |- - EnableKubernetesAPISelectors instructs vmagent to use CRD scrape objects spec.selectors for - Kubernetes API list and watch requests. - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#list-and-watch-filtering - It could be useful to reduce Kubernetes API server resource usage for serving less than 100 CRD scrape objects in total. - type: boolean - enforcedNamespaceLabel: - description: |- - EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert - and metric that is user created. The label value will always be the namespace of the object that is - being created. - type: string - externalLabels: - additionalProperties: - type: string - description: |- - ExternalLabels The labels to add to any time series scraped by vmagent. - it doesn't affect metrics ingested directly by push API's - type: object - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 type: string - value: + observedGeneration: description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - globalScrapeMetricRelabelConfigs: - description: GlobalScrapeMetricRelabelConfigs is a global metric relabel - configuration, which is applied to each scrape job. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 + minimum: 0 type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: + reason: description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 type: string - type: object - type: array - globalScrapeRelabelConfigs: - description: GlobalScrapeRelabelConfigs is a global relabel configuration, - which is applied to each samples of each scrape job during service - discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - ignoreNamespaceSelectors: - description: |- - IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from - scrape objects, and they will only discover endpoints - within their current namespace. Defaults to false. - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - ingestOnlyMode: - description: |- - IngestOnlyMode switches vmagent into unmanaged mode - it disables any config generation for scraping - Currently it prevents vmagent from managing tls and auth options for remote write - type: boolean - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - inlineRelabelConfig: - description: InlineRelabelConfig - defines GlobalRelabelConfig for - vmagent, can be defined directly at CRD. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - inlineScrapeConfig: - description: |- - InlineScrapeConfig As scrape configs are appended, the user is responsible to make sure it - is valid. Note that using this feature may expose the possibility to - break upgrades of VMAgent. It is advised to review VMAgent release - notes to ensure that no incompatible scrape configs are going to break - VMAgent after the upgrade. - it should be defined as single yaml file. - inlineScrapeConfig: | - - job_name: "prometheus" - static_configs: - - targets: ["localhost:9090"] - type: string - insertPorts: - description: InsertPorts - additional listen ports for data ingestion. - properties: - graphitePort: - description: GraphitePort listen port - type: string - influxPort: - description: InfluxPort listen port - type: string - openTSDBHTTPPort: - description: OpenTSDBHTTPPort for http connections. - type: string - openTSDBPort: - description: OpenTSDBPort for tcp and udp listen - type: string - type: object - license: - description: |- - License allows to configure license key to be used for enterprise features. - Using license key is supported starting from VictoriaMetrics v1.94.0. - See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) - properties: - forceOffline: - description: Enforce offline verification of the license key. - type: boolean - key: - description: |- - Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). - To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) - type: string - keyRef: - description: KeyRef is reference to secret with license key for - enterprise features. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - reloadInterval: - description: Interval to be used for checking for license key - changes. Note that this is only applicable when using KeyRef. - type: string - type: object - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VMAgent to be configured with. - enum: - - default - - json - type: string - logLevel: - description: |- - LogLevel for VMAgent to be configured with. - INFO, WARN, ERROR, FATAL, PANIC - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - maxScrapeInterval: - description: |- - MaxScrapeInterval allows limiting maximum scrape interval for VMServiceScrape, VMPodScrape and other scrapes - If interval is higher than defined limit, `maxScrapeInterval` will be used. - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - minScrapeInterval: - description: |- - MinScrapeInterval allows limiting minimal scrape interval for VMServiceScrape, VMPodScrape and other scrapes - If interval is lower than defined limit, `minScrapeInterval` will be used. - type: string - nodeScrapeNamespaceSelector: - description: |- - NodeScrapeNamespaceSelector defines Namespaces to be selected for VMNodeScrape discovery. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - nodeScrapeRelabelTemplate: - description: |- - NodeScrapeRelabelTemplate defines relabel config, that will be added to each VMNodeScrape. - it's useful for adding specific labels to all targets - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - nodeScrapeSelector: - description: |- - NodeScrapeSelector defines VMNodeScrape to be selected for scraping. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - overrideHonorLabels: - description: |- - OverrideHonorLabels if set to true overrides all user configured honor_labels. - If HonorLabels is set in scrape objects to true, this overrides honor_labels to false. - type: boolean - overrideHonorTimestamps: - description: OverrideHonorTimestamps allows to globally enforce honoring - timestamps in all scrape configs. - type: boolean - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the vmagent pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - podScrapeNamespaceSelector: - description: |- - PodScrapeNamespaceSelector defines Namespaces to be selected for VMPodScrape discovery. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - podScrapeRelabelTemplate: - description: |- - PodScrapeRelabelTemplate defines relabel config, that will be added to each VMPodScrape. - it's useful for adding specific labels to all targets - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - podScrapeSelector: - description: |- - PodScrapeSelector defines PodScrapes to be selected for target discovery. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - probeNamespaceSelector: - description: |- - ProbeNamespaceSelector defines Namespaces to be selected for VMProbe discovery. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - probeScrapeRelabelTemplate: - description: |- - ProbeScrapeRelabelTemplate defines relabel config, that will be added to each VMProbeScrape. - it's useful for adding specific labels to all targets - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - probeSelector: - description: |- - ProbeSelector defines VMProbe to be selected for target probing. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - relabelConfig: - description: |- - RelabelConfig ConfigMap with global relabel config -remoteWrite.relabelConfig - This relabeling is applied to all the collected metrics before sending them to remote storage. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - remoteWrite: - description: |- - RemoteWrite list of victoria metrics /some other remote write system - for vm it must looks like: http://victoria-metrics-single:8428/api/v1/write - or for cluster different url - https://docs.victoriametrics.com/victoriametrics/vmagent/#splitting-data-streams-among-multiple-systems - items: - description: VMAgentRemoteWriteSpec defines the remote storage configuration - for VmAgent - properties: - aws: - description: AWS describes params specific to AWS cloud - properties: - ec2Endpoint: - description: EC2Endpoint is an optional AWS EC2 API endpoint - to use for the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 - is set - type: string - region: - description: Region is an optional AWS region to use for - the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 - is set - type: string - roleARN: - description: RoleARN is an optional AWS region to use for - the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 - is set - type: string - service: - description: Service is an optional AWS Service to use for - the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 - is set - type: string - stsEndpoint: - description: STSEndpoint is an optional AWS STS API endpoint - to use for the corresponding -remoteWrite.url if -remoteWrite.aws.useSigv4 - is set - type: string - useSigv4: - description: UseSigv4 enables SigV4 request signing for - the corresponding -remoteWrite.url - type: boolean - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - forceVMProto: - description: ForceVMProto forces using VictoriaMetrics protocol - for sending data to -remoteWrite.url - type: boolean - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - inlineUrlRelabelConfig: - description: InlineUrlRelabelConfig defines relabeling config - for remoteWriteURL, it can be defined at crd spec. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - maxDiskUsage: - description: |- - MaxDiskUsage defines the maximum file-based buffer size in bytes for the given remoteWrite - It overrides global configuration defined at remoteWriteSettings.maxDiskUsagePerURL - x-kubernetes-preserve-unknown-fields: true - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: 'ProxyURL for -remoteWrite.url. Supported proxies: - http, https, socks5. Example: socks5://proxy:1234' - type: string - sendTimeout: - description: Timeout for sending a single block of data to -remoteWrite.url - (default 1m0s) - pattern: '[0-9]+(ms|s|m|h)' - type: string - streamAggrConfig: - description: StreamAggrConfig defines stream aggregation configuration - for VMAgent for -remoteWrite.url - properties: - configmap: - description: ConfigMap with stream aggregation rules - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - dedupInterval: - description: Allows setting different de-duplication intervals - per each configured remote storage - type: string - dropInput: - description: Allow drop all the input samples after the - aggregation - type: boolean - dropInputLabels: - description: labels to drop from samples for aggregator - before stream de-duplication and aggregation - items: - type: string - type: array - enableWindows: - description: EnableWindows enables aggregating data in separate - windows ( available from v0.54.0). - type: boolean - ignoreFirstIntervals: - description: IgnoreFirstIntervals instructs to ignore first - interval - type: integer - ignoreFirstSampleInterval: - description: IgnoreFirstSampleInterval sets interval for - total and prometheus_total during which first samples - will be ignored - type: string - ignoreOldSamples: - description: IgnoreOldSamples instructs to ignore samples - with old timestamps outside the current aggregation interval. - type: boolean - keepInput: - description: Allows writing both raw and aggregate data - type: boolean - rules: - description: Stream aggregation rules - items: - description: StreamAggrRule defines the rule in stream - aggregation config - properties: - by: - description: |- - By is an optional list of labels for grouping input series. - - See also Without. - - If neither By nor Without are set, then the Outputs are calculated - individually per each input time series. - items: - type: string - type: array - dedup_interval: - description: DedupInterval is an optional interval - for deduplication. - type: string - drop_input_labels: - description: |- - DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. - - Labels are dropped before de-duplication and aggregation. - items: - type: string - type: array - enable_windows: - description: EnableWindows enables aggregating data - in separate windows - type: boolean - flush_on_shutdown: - description: |- - FlushOnShutdown defines whether to flush the aggregation state on process termination - or config reload. Is `false` by default. - It is not recommended changing this setting, unless unfinished aggregations states - are preferred to missing data points. - type: boolean - ignore_first_intervals: - type: integer - ignore_old_samples: - description: IgnoreOldSamples instructs to ignore - samples with old timestamps outside the current - aggregation interval. - type: boolean - ignoreFirstSampleInterval: - description: IgnoreFirstSampleInterval sets interval - for total and prometheus_total during which first - samples will be ignored - type: string - input_relabel_configs: - description: |- - InputRelabelConfigs is an optional relabeling rules, which are applied on the input - before aggregation. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex - matching. Default is 'replace' - type: string - if: - description: 'If represents metricsQL match - expression (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match - for `action: graphite`' - type: object - match: - description: 'Match is used together with Labels - for `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of - the source label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated - source label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - interval: - description: Interval is the interval between aggregations. - type: string - keep_metric_names: - description: KeepMetricNames instructs to leave metric - names as is for the output time series without adding - any suffix. - type: boolean - match: - description: |- - Match is a label selector (or list of label selectors) for filtering time series for the given selector. - - If the match isn't set, then all the input time series are processed. - x-kubernetes-preserve-unknown-fields: true - no_align_flush_to_interval: - description: |- - NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. - By default flushes are aligned to Interval. - type: boolean - output_relabel_configs: - description: |- - OutputRelabelConfigs is an optional relabeling rules, which are applied - on the aggregated output before being sent to remote storage. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex - matching. Default is 'replace' - type: string - if: - description: 'If represents metricsQL match - expression (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match - for `action: graphite`' - type: object - match: - description: 'Match is used together with Labels - for `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of - the source label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated - source label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - outputs: - description: |- - Outputs is a list of output aggregate functions to produce. - - The following names are allowed: - - - total - aggregates input counters - - increase - counts the increase over input counters - - count_series - counts the input series - - count_samples - counts the input samples - - sum_samples - sums the input samples - - last - the last biggest sample value - - min - the minimum sample value - - max - the maximum sample value - - avg - the average value across all the samples - - stddev - standard deviation across all the samples - - stdvar - standard variance across all the samples - - histogram_bucket - creates VictoriaMetrics histogram for input samples - - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] - - The output time series will have the following names: - - input_name:aggr__ - items: - type: string - type: array - staleness_interval: - description: |- - Staleness interval is interval after which the series state will be reset if no samples have been sent during it. - The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. - type: string - without: - description: |- - Without is an optional list of labels, which must be excluded when grouping input series. - - See also By. - - If neither By nor Without are set, then the Outputs are calculated - individually per each input time series. - items: - type: string - type: array - required: - - interval - - outputs - type: object - type: array - type: object - tlsConfig: - description: TLSConfig describes tls configuration for remote - write target - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - url: - description: URL of the endpoint to send samples to. - type: string - urlRelabelConfig: - description: ConfigMap with relabeling config which is applied - to metrics before sending them to the corresponding -remoteWrite.url - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - required: - - url - type: object - type: array - remoteWriteSettings: - description: RemoteWriteSettings defines global settings for all remoteWrite - urls. - properties: - flushInterval: - description: Interval for flushing the data to remote storage. - (default 1s) - pattern: '[0-9]+(ms|s|m|h)' - type: string - label: - additionalProperties: - type: string - description: Labels in the form 'name=value' to add to all the - metrics before sending them. This overrides the label if it - already exists. - type: object - maxBlockSize: - description: The maximum size in bytes of unpacked request to - send to remote storage - format: int32 - type: integer - maxDiskUsagePerURL: - description: The maximum file-based buffer size in bytes at -remoteWrite.tmpDataPath - x-kubernetes-preserve-unknown-fields: true - queues: - description: The number of concurrent queues - format: int32 - type: integer - showURL: - description: Whether to show -remoteWrite.url in the exported - metrics. It is hidden by default, since it can contain sensitive - auth info - type: boolean - tmpDataPath: - description: Path to directory where temporary data for remote - write component is stored (default vmagent-remotewrite-data) - type: string - useMultiTenantMode: - description: |- - Configures vmagent accepting data via the same multitenant endpoints as vminsert at VictoriaMetrics cluster does, - see [here](https://docs.victoriametrics.com/victoriametrics/vmagent/#multitenancy). - it's global setting and affects all remote storage configurations - type: boolean - type: object - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - scrapeConfigNamespaceSelector: - description: |- - ScrapeConfigNamespaceSelector defines Namespaces to be selected for VMScrapeConfig discovery. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - scrapeConfigRelabelTemplate: - description: |- - ScrapeConfigRelabelTemplate defines relabel config, that will be added to each VMScrapeConfig. - it's useful for adding specific labels to all targets - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - scrapeConfigSelector: - description: |- - ScrapeConfigSelector defines VMScrapeConfig to be selected for target discovery. - Works in combination with NamespaceSelector. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - scrapeInterval: - description: ScrapeInterval defines how often scrape targets by default - pattern: '[0-9]+(ms|s|m|h)' - type: string - scrapeTimeout: - description: ScrapeTimeout defines global timeout for targets scrape - pattern: '[0-9]+(ms|s|m|h)' - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - selectAllByDefault: - description: |- - SelectAllByDefault changes default behavior for empty CRD selectors, such ServiceScrapeSelector. - with selectAllByDefault: true and empty serviceScrapeSelector and ServiceScrapeNamespaceSelector - Operator selects all exist serviceScrapes - with selectAllByDefault: false - selects nothing - type: boolean - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeNamespaceSelector: - description: |- - ServiceScrapeNamespaceSelector Namespaces to be selected for VMServiceScrape discovery. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - serviceScrapeRelabelTemplate: - description: |- - ServiceScrapeRelabelTemplate defines relabel config, that will be added to each VMServiceScrape. - it's useful for adding specific labels to all targets - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - serviceScrapeSelector: - description: |- - ServiceScrapeSelector defines ServiceScrapes to be selected for target discovery. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmagent VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vmagent service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - shardCount: - description: |- - ShardCount - numbers of shards of VMAgent - in this case operator will use 1 deployment/sts per shard with - replicas count according to spec.replicas, - see [here](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-big-number-of-targets) - type: integer - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - statefulMode: - description: |- - StatefulMode enables StatefulSet for `VMAgent` instead of Deployment - it allows using persistent storage for vmagent's persistentQueue - type: boolean - statefulRollingUpdateStrategy: - description: |- - StatefulRollingUpdateStrategy allows configuration for strategyType - set it to RollingUpdate for disabling operator statefulSet rollingUpdate - type: string - statefulStorage: - description: StatefulStorage configures storage for StatefulSet - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - Spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to - consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - Status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nClaimResourceStatus can be in any - of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with - a terminal error.\n\t- NodeResizePending:\n\t\tState - set when resize controller has finished resizing the - volume but further resizing of\n\t\tvolume is needed - on the node.\n\t- NodeResizeInProgress:\n\t\tState set - when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this - field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, - it means that no resize operation is in progress for - the given PVC.\n\nA controller that receives PVC update - with previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources - allocated to a PVC including its capacity.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nCapacity reported here may be larger - than the actual capacity when a volume expansion operation\nis - requested.\nFor storage quota, the larger value from - allocatedResources and PVC.spec.resources is used.\nIf - allocatedResources is not set, PVC.spec.resources alone - is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and - if the actual volume capacity\nis equal or lower than - the requested capacity.\n\nA controller that receives - PVC update with previously unknown resourceName\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains - details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed - the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the - condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible - indicates that the request has been rejected as - invalid by the CSI driver. To\n\t resolve the error, - a valid VolumeAttributesClass needs to be specified.\nNote: - New statuses can be added in the future. Consumers - should check for unknown statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: object - staticScrapeNamespaceSelector: - description: |- - StaticScrapeNamespaceSelector defines Namespaces to be selected for VMStaticScrape discovery. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - staticScrapeRelabelTemplate: - description: |- - StaticScrapeRelabelTemplate defines relabel config, that will be added to each VMStaticScrape. - it's useful for adding specific labels to all targets - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - staticScrapeSelector: - description: |- - StaticScrapeSelector defines VMStaticScrape to be selected for target discovery. - Works in combination with NamespaceSelector. - If both nil - match everything. - NamespaceSelector nil - only objects at VMAgent namespace. - Selector nil - only objects at NamespaceSelector namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - streamAggrConfig: - description: StreamAggrConfig defines global stream aggregation configuration - for VMAgent - properties: - configmap: - description: ConfigMap with stream aggregation rules - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - dedupInterval: - description: Allows setting different de-duplication intervals - per each configured remote storage - type: string - dropInput: - description: Allow drop all the input samples after the aggregation - type: boolean - dropInputLabels: - description: labels to drop from samples for aggregator before - stream de-duplication and aggregation - items: - type: string - type: array - enableWindows: - description: EnableWindows enables aggregating data in separate - windows ( available from v0.54.0). - type: boolean - ignoreFirstIntervals: - description: IgnoreFirstIntervals instructs to ignore first interval - type: integer - ignoreFirstSampleInterval: - description: IgnoreFirstSampleInterval sets interval for total - and prometheus_total during which first samples will be ignored - type: string - ignoreOldSamples: - description: IgnoreOldSamples instructs to ignore samples with - old timestamps outside the current aggregation interval. - type: boolean - keepInput: - description: Allows writing both raw and aggregate data - type: boolean - rules: - description: Stream aggregation rules - items: - description: StreamAggrRule defines the rule in stream aggregation - config - properties: - by: - description: |- - By is an optional list of labels for grouping input series. - - See also Without. - - If neither By nor Without are set, then the Outputs are calculated - individually per each input time series. - items: - type: string - type: array - dedup_interval: - description: DedupInterval is an optional interval for deduplication. - type: string - drop_input_labels: - description: |- - DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. - - Labels are dropped before de-duplication and aggregation. - items: - type: string - type: array - enable_windows: - description: EnableWindows enables aggregating data in separate - windows - type: boolean - flush_on_shutdown: - description: |- - FlushOnShutdown defines whether to flush the aggregation state on process termination - or config reload. Is `false` by default. - It is not recommended changing this setting, unless unfinished aggregations states - are preferred to missing data points. - type: boolean - ignore_first_intervals: - type: integer - ignore_old_samples: - description: IgnoreOldSamples instructs to ignore samples - with old timestamps outside the current aggregation interval. - type: boolean - ignoreFirstSampleInterval: - description: IgnoreFirstSampleInterval sets interval for - total and prometheus_total during which first samples - will be ignored - type: string - input_relabel_configs: - description: |- - InputRelabelConfigs is an optional relabeling rules, which are applied on the input - before aggregation. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for - `action: graphite`' - type: object - match: - description: 'Match is used together with Labels for - `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated - source label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - interval: - description: Interval is the interval between aggregations. - type: string - keep_metric_names: - description: KeepMetricNames instructs to leave metric names - as is for the output time series without adding any suffix. - type: boolean - match: - description: |- - Match is a label selector (or list of label selectors) for filtering time series for the given selector. - - If the match isn't set, then all the input time series are processed. - x-kubernetes-preserve-unknown-fields: true - no_align_flush_to_interval: - description: |- - NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. - By default flushes are aligned to Interval. - type: boolean - output_relabel_configs: - description: |- - OutputRelabelConfigs is an optional relabeling rules, which are applied - on the aggregated output before being sent to remote storage. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for - `action: graphite`' - type: object - match: - description: 'Match is used together with Labels for - `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated - source label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - outputs: - description: |- - Outputs is a list of output aggregate functions to produce. - - The following names are allowed: - - - total - aggregates input counters - - increase - counts the increase over input counters - - count_series - counts the input series - - count_samples - counts the input samples - - sum_samples - sums the input samples - - last - the last biggest sample value - - min - the minimum sample value - - max - the maximum sample value - - avg - the average value across all the samples - - stddev - standard deviation across all the samples - - stdvar - standard variance across all the samples - - histogram_bucket - creates VictoriaMetrics histogram for input samples - - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] - - The output time series will have the following names: - - input_name:aggr__ - items: - type: string - type: array - staleness_interval: - description: |- - Staleness interval is interval after which the series state will be reset if no samples have been sent during it. - The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. - type: string - without: - description: |- - Without is an optional list of labels, which must be excluded when grouping input series. - - See also By. - - If neither By nor Without are set, then the Outputs are calculated - individually per each input time series. - items: - type: string - type: array - required: - - interval - - outputs - type: object - type: array - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: |- - UpdateStrategy - overrides default update strategy. - works only for deployments, statefulset always use OnDelete. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - useVMConfigReloader: - description: |- - UseVMConfigReloader replaces prometheus-like config-reloader - with vm one. It uses secrets watch instead of file watch - which greatly increases speed of config updates - type: boolean - vmAgentExternalLabelName: - description: |- - VMAgentExternalLabelName Name of vmAgent external label used to denote vmAgent instance - name. Defaults to the value of `prometheus`. External label will - _not_ be added when value is set to empty string (`""`). - type: string - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - required: - - remoteWrite - type: object - status: - description: VMAgentStatus defines the observed state of VMAgent - properties: - conditions: - description: 'Known .status.conditions.type are: "Available", "Progressing", - and "Degraded"' - items: - description: Condition defines status condition of the resource - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. - format: date-time - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the last time of given type update. - This value is used for status TTL update and removal - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. - maxLength: 316 - type: string - required: - - lastTransitionTime - - lastUpdateTime - - reason - - status - - type + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type type: object type: array x-kubernetes-list-map-keys: @@ -11368,4338 +728,10 @@ spec: served: true storage: true subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.shardCount - statusReplicasPath: .status.shards - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - name: vmalertmanagerconfigs.operator.victoriametrics.com -spec: - group: operator.victoriametrics.com - names: - kind: VMAlertmanagerConfig - listKind: VMAlertmanagerConfigList - plural: vmalertmanagerconfigs - singular: vmalertmanagerconfig - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.updateStatus - name: Status - type: string - - jsonPath: .status.reason - name: Sync Error - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: VMAlertmanagerConfig is the Schema for the vmalertmanagerconfigs - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - VMAlertmanagerConfigSpec defines configuration for VMAlertmanagerConfig - it must reference only locally defined objects - properties: - inhibit_rules: - description: |- - InhibitRules will only apply for alerts matching - the resource's namespace. - items: - description: |- - InhibitRule defines an inhibition rule that allows to mute alerts when other - alerts are already firing. - Note, it doesn't support deprecated alertmanager config options. - See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule - properties: - equal: - description: |- - Labels that must have an equal value in the source and target alert for - the inhibition to take effect. - items: - type: string - type: array - source_matchers: - description: |- - SourceMatchers defines a list of matchers for which one or more alerts have - to exist for the inhibition to take effect. - items: - type: string - type: array - target_matchers: - description: |- - TargetMatchers defines a list of matchers that have to be fulfilled by the target - alerts to be muted. - items: - type: string - type: array - type: object - type: array - receivers: - description: Receivers defines alert receivers - items: - description: Receiver defines one or more notification integrations. - properties: - discord_configs: - items: - properties: - avatar_url: - description: |- - AvatarURL defines message avatar URL - Available from operator v0.55.0 and alertmanager v0.28.0 - type: string - content: - description: |- - Content defines message content template - Available from operator v0.55.0 and alertmanager v0.28.0 - maxLength: 2000 - type: string - http_config: - description: HTTP client configuration. - properties: - authorization: - description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - properties: - credentials: - description: Reference to the secret with value - for authorization - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to - bearer - type: string - type: object - basic_auth: - description: BasicAuth for the client. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token_file: - description: BearerTokenFile defines filename for - bearer token, it must be mounted to pod. - type: string - bearer_token_secret: - description: |- - The secret's key that contains the bearer token - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. - properties: - client_id: - description: The secret or configmap containing - the OAuth2 client id - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 - client secret - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for - client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token - URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token - request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: Optional proxy URL. - type: string - tls_config: - description: TLS configuration for the client. - properties: - ca: - description: Struct containing the CA cert to - use for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert - file for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the - container for the targets. - type: string - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - message: - description: The message body template - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - title: - description: The message title template - type: string - username: - description: |- - Username defines message username - Available from operator v0.55.0 and alertmanager v0.28.0 - type: string - webhook_url: - description: |- - The discord webhook URL - one of `urlSecret` and `url` must be defined. - type: string - webhook_url_secret: - description: |- - URLSecret defines secret name and key at the CRD namespace. - It must contain the webhook URL. - one of `urlSecret` and `url` must be defined. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - email_configs: - description: EmailConfigs defines email notification configurations. - items: - description: EmailConfig configures notifications via Email. - properties: - auth_identity: - description: The identity to use for authentication. - type: string - auth_password: - description: AuthPassword defines secret name and key - at CRD namespace. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - auth_secret: - description: |- - AuthSecret defines secret name and key at CRD namespace. - It must contain the CRAM-MD5 secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - auth_username: - description: The username to use for authentication. - type: string - from: - description: |- - The sender address. - fallback to global setting if empty - type: string - headers: - additionalProperties: - type: string - description: |- - Further headers email header key/value pairs. Overrides any headers - previously set by the notification implementation. - type: object - hello: - description: The hostname to identify to the SMTP server. - type: string - html: - description: The HTML body of the email notification. - type: string - require_tls: - description: |- - The SMTP TLS requirement. - Note that Go does not support unencrypted connections to remote SMTP endpoints. - type: boolean - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - smarthost: - description: |- - The SMTP host through which emails are sent. - fallback to global setting if empty - type: string - text: - description: The text body of the email notification. - type: string - tls_config: - description: TLS configuration - properties: - ca: - description: Struct containing the CA cert to use - for the targets. - properties: - configMap: - description: ConfigMap containing data to use - for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for - the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert file - for the targets. - properties: - configMap: - description: ConfigMap containing data to use - for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for - the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file - for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - to: - description: The email address to send notifications to. - type: string - type: object - type: array - jira_configs: - items: - description: |- - JiraConfig represent alertmanager's jira_config entry - https://prometheus.io/docs/alerting/latest/configuration/#jira_config - available from v0.55.0 operator version - and v0.28.0 alertmanager version - properties: - api_url: - description: |- - The URL to send API requests to. The full API path must be included. - Example: https://company.atlassian.net/rest/api/2/ - type: string - custom_fields: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: |- - Other issue and custom fields. - Jira issue field can have multiple types. - Depends on the field type, the values must be provided differently. - See https://developer.atlassian.com/server/jira/platform/jira-rest-api-examples/#setting-custom-field-data-for-other-field-types for further examples. - type: object - description: - description: Issue description template. - type: string - http_config: - description: |- - The HTTP client's configuration. You must use this configuration to supply the personal access token (PAT) as part of the HTTP `Authorization` header. - For Jira Cloud, use basic_auth with the email address as the username and the PAT as the password. - For Jira Data Center, use the 'authorization' field with 'credentials: '. - x-kubernetes-preserve-unknown-fields: true - issue_type: - description: Type of the issue (e.g. Bug) - type: string - labels: - description: Labels to be added to the issue - items: - type: string - type: array - priority: - description: Priority of the issue - type: string - project: - description: The project key where issues are created - type: string - reopen_duration: - description: |- - If reopen_transition is defined, reopen the issue when it is not older than this value (rounded down to the nearest minute). - The resolutiondate field is used to determine the age of the issue. - pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ - type: string - reopen_transition: - description: |- - Name of the workflow transition to resolve an issue. - The target status must have the category "done". - type: string - resolve_transition: - description: |- - Name of the workflow transition to reopen an issue. - The target status should not have the category "done". - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - summary: - description: Issue summary template - type: string - wont_fix_resolution: - description: If reopen_transition is defined, ignore issues - with that resolution. - type: string - required: - - issue_type - - project - type: object - type: array - msteams_configs: - items: - properties: - http_config: - description: HTTP client configuration. - properties: - authorization: - description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - properties: - credentials: - description: Reference to the secret with value - for authorization - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to - bearer - type: string - type: object - basic_auth: - description: BasicAuth for the client. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token_file: - description: BearerTokenFile defines filename for - bearer token, it must be mounted to pod. - type: string - bearer_token_secret: - description: |- - The secret's key that contains the bearer token - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. - properties: - client_id: - description: The secret or configmap containing - the OAuth2 client id - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 - client secret - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for - client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token - URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token - request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: Optional proxy URL. - type: string - tls_config: - description: TLS configuration for the client. - properties: - ca: - description: Struct containing the CA cert to - use for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert - file for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the - container for the targets. - type: string - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - text: - description: The text body of the teams notification. - type: string - title: - description: The title of the teams notification. - type: string - webhook_url: - description: |- - The incoming webhook URL - one of `urlSecret` and `url` must be defined. - type: string - webhook_url_secret: - description: |- - URLSecret defines secret name and key at the CRD namespace. - It must contain the webhook URL. - one of `urlSecret` and `url` must be defined. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - msteamsv2_configs: - items: - description: |- - MSTeamsV2Config sends notifications using the new message format with adaptive cards as required by flows. - https://support.microsoft.com/en-gb/office/create-incoming-webhooks-with-workflows-for-microsoft-teams-8ae491c7-0394-4861-ba59-055e33f75498 - available from v0.55.0 operator version - and v0.28.0 alertmanager version - properties: - http_config: - x-kubernetes-preserve-unknown-fields: true - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - text: - description: Message body template. - type: string - title: - description: Message title template. - type: string - webhook_url: - description: |- - The incoming webhook URL - one of `urlSecret` and `url` must be defined. - type: string - webhook_url_secret: - description: |- - URLSecret defines secret name and key at the CRD namespace. - It must contain the webhook URL. - one of `webhook_url` or `webhook_url_secret` must be defined. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - name: - description: Name of the receiver. Must be unique across all - items from the list. - minLength: 1 - type: string - opsgenie_configs: - description: OpsGenieConfigs defines ops genie notification - configurations. - items: - description: |- - OpsGenieConfig configures notifications via OpsGenie. - See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config - properties: - actions: - description: Comma separated list of actions that will - be available for the alert. - type: string - api_key: - description: |- - The secret's key that contains the OpsGenie API key. - It must be at them same namespace as CRD - fallback to global setting if empty - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - apiURL: - description: The URL to send OpsGenie API requests to. - type: string - description: - description: Description of the incident. - type: string - details: - additionalProperties: - type: string - description: A set of arbitrary key/value pairs that provide - further detail about the incident. - type: object - entity: - description: Optional field that can be used to specify - which domain alert is related to. - type: string - http_config: - description: HTTP client configuration. - type: object - x-kubernetes-preserve-unknown-fields: true - message: - description: Alert text limited to 130 characters. - type: string - note: - description: Additional alert note. - type: string - priority: - description: Priority level of alert. Possible values - are P1, P2, P3, P4, and P5. - type: string - responders: - description: List of responders responsible for notifications. - items: - description: |- - OpsGenieConfigResponder defines a responder to an incident. - One of `id`, `name` or `username` has to be defined. - properties: - id: - description: ID of the responder. - type: string - name: - description: Name of the responder. - type: string - type: - description: Type of responder. - minLength: 1 - type: string - username: - description: Username of the responder. - type: string - required: - - type - type: object - type: array - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - source: - description: Backlink to the sender of the notification. - type: string - tags: - description: Comma separated list of tags attached to - the notifications. - type: string - update_alerts: - description: |- - Whether to update message and description of the alert in OpsGenie if it already exists - By default, the alert is never updated in OpsGenie, the new message only appears in activity log. - type: boolean - type: object - type: array - pagerduty_configs: - description: PagerDutyConfigs defines pager duty notification - configurations. - items: - description: |- - PagerDutyConfig configures notifications via PagerDuty. - See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config - properties: - class: - description: The class/type of the event. - type: string - client: - description: Client identification. - type: string - client_url: - description: Backlink to the sender of notification. - type: string - component: - description: The part or component of the affected system - that is broken. - type: string - description: - description: Description of the incident. - type: string - details: - additionalProperties: - type: string - description: Arbitrary key/value pairs that provide further - detail about the incident. - type: object - group: - description: A cluster or grouping of sources. - type: string - http_config: - description: HTTP client configuration. - type: object - x-kubernetes-preserve-unknown-fields: true - images: - description: Images to attach to the incident. - items: - description: |- - ImageConfig is used to attach images to the incident. - See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-images-property - for more information. - properties: - alt: - type: string - href: - type: string - source: - type: string - required: - - source - type: object - type: array - links: - description: Links to attach to the incident. - items: - description: |- - LinkConfig is used to attach text links to the incident. - See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-links-property - for more information. - properties: - href: - type: string - text: - type: string - required: - - href - type: object - type: array - routing_key: - description: |- - The secret's key that contains the PagerDuty integration key (when using - Events API v2). Either this field or `serviceKey` needs to be defined. - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - service_key: - description: |- - The secret's key that contains the PagerDuty service key (when using - integration type "Prometheus"). Either this field or `routingKey` needs to - be defined. - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - severity: - description: Severity of the incident. - type: string - url: - description: The URL to send requests to. - type: string - type: object - type: array - pushover_configs: - description: PushoverConfigs defines push over notification - configurations. - items: - description: |- - PushoverConfig configures notifications via Pushover. - See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config - properties: - expire: - description: |- - How long your notification will continue to be retried for, unless the user - acknowledges the notification. - type: string - html: - description: Whether notification message is HTML or plain - text. - type: boolean - http_config: - description: HTTP client configuration. - type: object - x-kubernetes-preserve-unknown-fields: true - message: - description: Notification message. - type: string - priority: - description: Priority, see https://pushover.net/api#priority - type: string - retry: - description: |- - How often the Pushover servers will send the same notification to the user. - Must be at least 30 seconds. - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - sound: - description: The name of one of the sounds supported by - device clients to override the user's default sound - choice - type: string - title: - description: Notification title. - type: string - token: - description: |- - The secret's key that contains the registered application’s API token, see https://pushover.net/apps. - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - url: - description: A supplementary URL shown alongside the message. - type: string - url_title: - description: A title for supplementary URL, otherwise - just the URL is shown - type: string - user_key: - description: |- - The secret's key that contains the recipient user’s user key. - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - rocketchat_configs: - items: - description: |- - RocketchatConfig configures notifications via Rocketchat. - https://prometheus.io/docs/alerting/latest/configuration/#rocketchat_config - available from v0.55.0 operator version - and v0.28.0 alertmanager version - properties: - actions: - items: - description: |- - RocketchatAttachmentAction defines message attachments - https://github.com/RocketChat/Rocket.Chat.Go.SDK/blob/master/models/message.go - properties: - msg: - type: string - text: - type: string - type: - type: string - url: - type: string - type: object - type: array - api_url: - type: string - channel: - description: 'RocketChat channel override, (like #other-channel - or @username).' - type: string - color: - type: string - emoji: - type: string - fields: - items: - description: |- - RocketchatAttachmentField defines API fields - https://developer.rocket.chat/reference/api/rest-api/endpoints/messaging/chat-endpoints/postmessage#attachment-field-objects - properties: - short: - type: boolean - title: - type: string - value: - type: string - type: object - type: array - http_config: - x-kubernetes-preserve-unknown-fields: true - icon_url: - type: string - image_url: - type: string - link_names: - type: boolean - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - short_fields: - type: boolean - text: - type: string - thumb_url: - type: string - title: - type: string - title_link: - type: string - token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - token_id: - description: |- - The sender token and token_id - See https://docs.rocket.chat/use-rocket.chat/user-guides/user-panel/my-account#personal-access-tokens - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - slack_configs: - description: SlackConfigs defines slack notification configurations. - items: - description: |- - SlackConfig configures notifications via Slack. - See https://prometheus.io/docs/alerting/latest/configuration/#slack_config - properties: - actions: - description: A list of Slack actions that are sent with - each notification. - items: - description: |- - SlackAction configures a single Slack action that is sent with each - notification. - See https://api.slack.com/docs/message-attachments#action_fields and - https://api.slack.com/docs/message-buttons for more information. - properties: - confirm: - description: |- - SlackConfirmationField protect users from destructive actions or - particularly distinguished decisions by asking them to confirm their button - click one more time. - See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields - for more information. - properties: - dismiss_text: - type: string - ok_text: - type: string - text: - minLength: 1 - type: string - title: - type: string - required: - - text - type: object - name: - type: string - style: - type: string - text: - minLength: 1 - type: string - type: - minLength: 1 - type: string - url: - type: string - value: - type: string - required: - - text - - type - type: object - type: array - api_url: - description: |- - The secret's key that contains the Slack webhook URL. - It must be at them same namespace as CRD - fallback to global setting if empty - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - callback_id: - type: string - channel: - description: The channel or user to send notifications - to. - type: string - color: - type: string - fallback: - type: string - fields: - description: A list of Slack fields that are sent with - each notification. - items: - description: |- - SlackField configures a single Slack field that is sent with each notification. - See https://api.slack.com/docs/message-attachments#fields for more information. - properties: - short: - type: boolean - title: - minLength: 1 - type: string - value: - minLength: 1 - type: string - required: - - title - - value - type: object - type: array - footer: - type: string - http_config: - description: HTTP client configuration. - type: object - x-kubernetes-preserve-unknown-fields: true - icon_emoji: - type: string - icon_url: - type: string - image_url: - type: string - link_names: - type: boolean - mrkdwn_in: - items: - type: string - type: array - pretext: - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - short_fields: - type: boolean - text: - type: string - thumb_url: - type: string - title: - type: string - title_link: - type: string - username: - type: string - type: object - type: array - sns_configs: - items: - properties: - api_url: - description: The api URL - type: string - attributes: - additionalProperties: - type: string - description: SNS message attributes - type: object - http_config: - description: HTTP client configuration. - properties: - authorization: - description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - properties: - credentials: - description: Reference to the secret with value - for authorization - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to - bearer - type: string - type: object - basic_auth: - description: BasicAuth for the client. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token_file: - description: BearerTokenFile defines filename for - bearer token, it must be mounted to pod. - type: string - bearer_token_secret: - description: |- - The secret's key that contains the bearer token - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. - properties: - client_id: - description: The secret or configmap containing - the OAuth2 client id - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 - client secret - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for - client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token - URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token - request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: Optional proxy URL. - type: string - tls_config: - description: TLS configuration for the client. - properties: - ca: - description: Struct containing the CA cert to - use for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert - file for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the - container for the targets. - type: string - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - message: - description: The message content of the SNS notification. - type: string - phone_number: - description: |- - Phone number if message is delivered via SMS - Specify this, topic_arn or target_arn - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - sigv4: - description: Configure the AWS Signature Verification - 4 signing process - properties: - access_key: - description: |- - The AWS API keys. Both access_key and secret_key must be supplied or both must be blank. - If blank the environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are used. - type: string - access_key_selector: - description: secret key selector to get the keys from - a Kubernetes Secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - profile: - description: Named AWS profile used to authenticate - type: string - region: - description: AWS region, if blank the region from - the default credentials chain is used - type: string - role_arn: - description: AWS Role ARN, an alternative to using - AWS API keys - type: string - secret_key_selector: - description: secret key selector to get the keys from - a Kubernetes Secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - subject: - description: The subject line if message is delivered - to an email endpoint. - type: string - target_arn: - description: |- - Mobile platform endpoint ARN if message is delivered via mobile notifications - Specify this, topic_arn or phone_number - type: string - topic_arn: - description: SNS topic ARN, either specify this, phone_number - or target_arn - type: string - type: object - type: array - telegram_configs: - items: - description: |- - TelegramConfig configures notification via telegram - https://prometheus.io/docs/alerting/latest/configuration/#telegram_config - properties: - api_url: - description: APIUrl the Telegram API URL i.e. https://api.telegram.org. - type: string - bot_token: - description: |- - BotToken token for the bot - https://core.telegram.org/bots/api - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - chat_id: - description: ChatID is ID of the chat where to send the - messages. - type: integer - disable_notifications: - description: DisableNotifications - type: boolean - http_config: - description: HTTP client configuration. - type: object - x-kubernetes-preserve-unknown-fields: true - message: - description: Message is templated message - type: string - message_thread_id: - description: MessageThreadID defines ID of the message - thread where to send the messages. - type: integer - parse_mode: - description: |- - ParseMode for telegram message, - supported values are MarkdownV2, Markdown, Markdown and empty string for plain text. - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - required: - - bot_token - - chat_id - type: object - type: array - victorops_configs: - description: VictorOpsConfigs defines victor ops notification - configurations. - items: - description: |- - VictorOpsConfig configures notifications via VictorOps. - See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config - properties: - api_key: - description: |- - The secret's key that contains the API key to use when talking to the VictorOps API. - It must be at them same namespace as CRD - fallback to global setting if empty - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - api_url: - description: The VictorOps API URL. - type: string - custom_fields: - additionalProperties: - type: string - description: |- - Adds optional custom fields - https://github.com/prometheus/alertmanager/blob/v0.24.0/config/notifiers.go#L537 - type: object - entity_display_name: - description: Contains summary of the alerted problem. - type: string - http_config: - description: The HTTP client's configuration. - properties: - authorization: - description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - properties: - credentials: - description: Reference to the secret with value - for authorization - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to - bearer - type: string - type: object - basic_auth: - description: BasicAuth for the client. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token_file: - description: BearerTokenFile defines filename for - bearer token, it must be mounted to pod. - type: string - bearer_token_secret: - description: |- - The secret's key that contains the bearer token - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. - properties: - client_id: - description: The secret or configmap containing - the OAuth2 client id - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 - client secret - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for - client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token - URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token - request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: Optional proxy URL. - type: string - tls_config: - description: TLS configuration for the client. - properties: - ca: - description: Struct containing the CA cert to - use for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert - file for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the - container for the targets. - type: string - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - message_type: - description: Describes the behavior of the alert (CRITICAL, - WARNING, INFO). - type: string - monitoring_tool: - description: The monitoring tool the state message is - from. - type: string - routing_key: - description: A key used to map the alert to a team. - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - state_message: - description: Contains long explanation of the alerted - problem. - type: string - required: - - routing_key - type: object - type: array - webex_configs: - items: - properties: - api_url: - description: The Webex Teams API URL, i.e. https://webexapis.com/v1/messages - type: string - http_config: - description: HTTP client configuration. You must use this - configuration to supply the bot token as part of the - HTTP `Authorization` header. - properties: - authorization: - description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - properties: - credentials: - description: Reference to the secret with value - for authorization - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to - bearer - type: string - type: object - basic_auth: - description: BasicAuth for the client. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token_file: - description: BearerTokenFile defines filename for - bearer token, it must be mounted to pod. - type: string - bearer_token_secret: - description: |- - The secret's key that contains the bearer token - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. - properties: - client_id: - description: The secret or configmap containing - the OAuth2 client id - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 - client secret - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for - client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token - URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token - request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: Optional proxy URL. - type: string - tls_config: - description: TLS configuration for the client. - properties: - ca: - description: Struct containing the CA cert to - use for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert - file for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the - container for the targets. - type: string - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - message: - description: The message body template - type: string - room_id: - description: The ID of the Webex Teams room where to send - the messages - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - required: - - room_id - type: object - type: array - webhook_configs: - description: WebhookConfigs defines webhook notification configurations. - items: - description: |- - WebhookConfig configures notifications via a generic receiver supporting the webhook payload. - See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config - properties: - http_config: - description: HTTP client configuration. - type: object - x-kubernetes-preserve-unknown-fields: true - max_alerts: - description: Maximum number of alerts to be sent per webhook - message. When 0, all alerts are included. - format: int32 - minimum: 0 - type: integer - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - timeout: - description: |- - Timeout is the maximum time allowed to invoke the webhook - available since v0.28.0 alertmanager version - pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ - type: string - url: - description: |- - URL to send requests to, - one of `urlSecret` and `url` must be defined. - type: string - url_secret: - description: |- - URLSecret defines secret name and key at the CRD namespace. - It must contain the webhook URL. - one of `urlSecret` and `url` must be defined. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - wechat_configs: - description: WeChatConfigs defines wechat notification configurations. - items: - description: |- - WeChatConfig configures notifications via WeChat. - See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config - properties: - agent_id: - type: string - api_secret: - description: |- - The secret's key that contains the WeChat API key. - The secret needs to be in the same namespace as the AlertmanagerConfig - fallback to global alertmanager setting if empty - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - api_url: - description: |- - The WeChat API URL. - fallback to global alertmanager setting if empty - type: string - corp_id: - description: |- - The corp id for authentication. - fallback to global alertmanager setting if empty - type: string - http_config: - description: HTTP client configuration. - properties: - authorization: - description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - properties: - credentials: - description: Reference to the secret with value - for authorization - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to - bearer - type: string - type: object - basic_auth: - description: BasicAuth for the client. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token_file: - description: BearerTokenFile defines filename for - bearer token, it must be mounted to pod. - type: string - bearer_token_secret: - description: |- - The secret's key that contains the bearer token - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. - properties: - client_id: - description: The secret or configmap containing - the OAuth2 client id - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 - client secret - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for - client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token - URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token - request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxyURL: - description: Optional proxy URL. - type: string - tls_config: - description: TLS configuration for the client. - properties: - ca: - description: Struct containing the CA cert to - use for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container - to use for the targets. - type: string - cert: - description: Struct containing the client cert - file for the targets. - properties: - configMap: - description: ConfigMap containing data to - use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the - container for the targets. - type: string - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - message: - description: API request data as defined by the WeChat - API. - type: string - message_type: - type: string - send_resolved: - description: SendResolved controls notify about resolved - alerts. - type: boolean - to_party: - type: string - to_tag: - type: string - to_user: - type: string - type: object - type: array - required: - - name - type: object - type: array - route: - description: Route definition for alertmanager, may include nested - routes. - properties: - active_time_intervals: - description: |- - ActiveTimeIntervals Times when the route should be active - These must match the name at time_intervals - items: - type: string - type: array - continue: - description: |- - Continue indicating whether an alert should continue matching subsequent - sibling nodes. It will always be true for the first-level route if disableRouteContinueEnforce for vmalertmanager not set. - type: boolean - group_by: - description: List of labels to group by. - items: - type: string - type: array - group_interval: - description: How long to wait before sending an updated notification. - pattern: '[0-9]+(ms|s|m|h)' - type: string - group_wait: - description: How long to wait before sending the initial notification. - pattern: '[0-9]+(ms|s|m|h)' - type: string - matchers: - description: |- - List of matchers that the alert’s labels should match. For the first - level route, the operator adds a namespace: "CRD_NS" matcher. - https://prometheus.io/docs/alerting/latest/configuration/#matcher - items: - type: string - type: array - mute_time_intervals: - description: MuteTimeIntervals is a list of interval names that - will mute matched alert - items: - type: string - type: array - receiver: - description: Name of the receiver for this route. - type: string - repeat_interval: - description: How long to wait before repeating the last notification. - pattern: '[0-9]+(ms|s|m|h)' - type: string - routes: - description: |- - Child routes. - https://prometheus.io/docs/alerting/latest/configuration/#route - items: - x-kubernetes-preserve-unknown-fields: true - type: array - required: - - receiver - type: object - time_intervals: - description: |- - TimeIntervals defines named interval for active/mute notifications interval - See https://prometheus.io/docs/alerting/latest/configuration/#time_interval - items: - description: TimeIntervals for alerts - properties: - name: - description: Name of interval - type: string - time_intervals: - description: TimeIntervals interval configuration - items: - description: TimeInterval defines intervals of time - properties: - days_of_month: - description: |- - DayOfMonth defines list of numerical days in the month. Days begin at 1. Negative values are also accepted. - for example, ['1:5', '-3:-1'] - items: - type: string - type: array - location: - description: Location in golang time location form, e.g. - UTC - type: string - months: - description: |- - Months defines list of calendar months identified by a case-insensitive name (e.g. ‘January’) or numeric 1. - For example, ['1:3', 'may:august', 'december'] - items: - type: string - type: array - times: - description: Times defines time range for mute - items: - description: TimeRange ranges inclusive of the starting - time and exclusive of the end time - properties: - end_time: - description: EndTime for example HH:MM - type: string - start_time: - description: StartTime for example HH:MM - type: string - required: - - end_time - - start_time - type: object - type: array - weekdays: - description: Weekdays defines list of days of the week, - where the week begins on Sunday and ends on Saturday. - items: - type: string - type: array - years: - description: |- - Years defines numerical list of years, ranges are accepted. - For example, ['2020:2022', '2030'] - items: - type: string - type: array - type: object - type: array - required: - - name - - time_intervals - type: object - type: array - required: - - receivers - - route - type: object - status: - description: VMAlertmanagerConfigStatus defines the observed state of - VMAlertmanagerConfig - properties: - conditions: - description: 'Known .status.conditions.type are: "Available", "Progressing", - and "Degraded"' - items: - description: Condition defines status condition of the resource - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. - format: date-time - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the last time of given type update. - This value is used for status TTL update and removal - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. - maxLength: 316 - type: string - required: - - lastTransitionTime - - lastUpdateTime - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - lastErrorParentAlertmanagerName: - type: string - observedGeneration: - description: |- - ObservedGeneration defines current generation picked by operator for the - reconcile - format: int64 - type: integer - reason: - description: Reason defines human readable error reason - type: string - updateStatus: - description: UpdateStatus defines a status for update rollout - type: string - type: object - type: object - served: true - storage: true - subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards status: {} --- apiVersion: apiextensions.k8s.io/v1 @@ -15707,2460 +739,61 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 - name: vmalertmanagers.operator.victoriametrics.com + name: vmalertmanagerconfigs.operator.victoriametrics.com spec: group: operator.victoriametrics.com names: - kind: VMAlertmanager - listKind: VMAlertmanagerList - plural: vmalertmanagers - shortNames: - - vma - singular: vmalertmanager + kind: VMAlertmanagerConfig + listKind: VMAlertmanagerConfigList + plural: vmalertmanagerconfigs + singular: vmalertmanagerconfig scope: Namespaced versions: - additionalPrinterColumns: - - description: The desired replicas number of Alertmanagers - jsonPath: .spec.replicaCount - name: ReplicaCount - type: integer - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Current update status - jsonPath: .status.updateStatus - name: Update Status - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: VMAlertmanager represents Victoria-Metrics deployment for Alertmanager. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - Specification of the desired behavior of the VMAlertmanager cluster. More info: - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - properties: - additionalPeers: - description: AdditionalPeers allows injecting a set of additional - Alertmanagers to peer with to form a highly available cluster. - items: - type: string - type: array - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for StatefulSet - items: - description: PersistentVolumeClaim is a user's request for and claim - to a persistent volume - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: |- - Standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - type: object - x-kubernetes-preserve-unknown-fields: true - spec: - description: |- - spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status of - resource being resized for the given PVC.\nKey names follow - standard Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus - can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with a - terminal error.\n\t- NodeResizePending:\n\t\tState set - when resize controller has finished resizing the volume - but further resizing of\n\t\tvolume is needed on the node.\n\t- - NodeResizeInProgress:\n\t\tState set when kubelet starts - resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this field - can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, it - means that no resize operation is in progress for the - given PVC.\n\nA controller that receives PVC update with - previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources allocated - to a PVC including its capacity.\nKey names follow standard - Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nCapacity - reported here may be larger than the actual capacity when - a volume expansion operation\nis requested.\nFor storage - quota, the larger value from allocatedResources and PVC.spec.resources - is used.\nIf allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and if - the actual volume capacity\nis equal or lower than the - requested capacity.\n\nA controller that receives PVC - update with previously unknown resourceName\nshould ignore - the update for the purpose it was designed. For example - - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of - the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains details - about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the - condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition - transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible indicates - that the request has been rejected as invalid by the - CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass - needs to be specified.\nNote: New statuses can be - added in the future. Consumers should check for unknown - statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: array - clusterAdvertiseAddress: - description: |- - ClusterAdvertiseAddress is the explicit address to advertise in cluster. - Needs to be provided for non RFC1918 [1] (public) addresses. - [1] RFC1918: https://tools.ietf.org/html/rfc1918 - type: string - clusterDomainName: - description: |- - ClusterDomainName defines domain name suffix for in-cluster dns addresses - aka .cluster.local - used to build pod peer addresses for in-cluster communication - type: string - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - configNamespaceSelector: - description: |2- - ConfigNamespaceSelector defines namespace selector for VMAlertmanagerConfig. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAlertmanager namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - configRawYaml: - description: |- - ConfigRawYaml - raw configuration for alertmanager, - it helps it to start without secret. - priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. - type: string - configReloadAuthKeySecret: - description: |- - ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. - Given secret reference will be added to the application and vm-config-reloader as volume - available since v0.57.0 version - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - configReloaderExtraArgs: - additionalProperties: - type: string - description: |- - ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container - for example resyncInterval: "30s" - type: object - configReloaderImageTag: - description: ConfigReloaderImageTag defines image:tag for config-reloader - container - type: string - configReloaderResources: - description: |- - ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - configSecret: - description: |- - ConfigSecret is the name of a Kubernetes Secret in the same namespace as the - VMAlertmanager object, which contains configuration for this VMAlertmanager, - configuration must be inside secret key: alertmanager.yaml. - It must be created by user. - instance. Defaults to 'vmalertmanager-' - The secret is mounted into /etc/alertmanager/config. - type: string - configSelector: - description: |- - ConfigSelector defines selector for VMAlertmanagerConfig, result config will be merged with with Raw or Secret config. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAlertmanager namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableNamespaceMatcher: - description: |- - DisableNamespaceMatcher disables adding top route label matcher "namespace = " for VMAlertmanagerConfig - It may be useful if alert doesn't have namespace label for some reason - type: boolean - disableRouteContinueEnforce: - description: DisableRouteContinueEnforce cancel the behavior for VMAlertmanagerConfig - that always enforce first-level route continue to true - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - enforcedNamespaceLabel: - description: |- - EnforcedNamespaceLabel defines the namespace label key for top route matcher for VMAlertmanagerConfig - Default is "namespace" - type: string - enforcedTopRouteMatchers: - description: |- - EnforcedTopRouteMatchers defines label matchers to be added for the top route - of VMAlertmanagerConfig - It allows to make some set of labels required for alerts. - https://prometheus.io/docs/alerting/latest/configuration/#matcher - items: - type: string - type: array - externalURL: - description: |- - ExternalURL the VMAlertmanager instances will be available under. This is - necessary to generate correct URLs. This is necessary if VMAlertmanager is not - served from root of a DNS name. - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - gossipConfig: - description: GossipConfig defines gossip TLS configuration for Alertmanager - cluster - properties: - tls_client_config: - description: TLSClientConfig defines client TLS configuration - for alertmanager - properties: - ca_file: - description: |- - CAFile defines path to the pre-mounted file with CA - mutually exclusive with CASecretRef - type: string - ca_secret_ref: - description: |- - CA defines reference for secret with CA content under given key - mutually exclusive with CAFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - cert_file: - description: |- - CertFile defines path to the pre-mounted file with certificate - mutually exclusive with CertSecretRef - type: string - cert_secret_ref: - description: |- - CertSecretRef defines reference for secret with certificate content under given key - mutually exclusive with CertFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - insecure_skip_verify: - description: |- - Cert defines reference for secret with CA content under given key - mutually exclusive with CertFile - type: boolean - key_file: - description: |- - KeyFile defines path to the pre-mounted file with certificate key - mutually exclusive with KeySecretRef - type: string - key_secret_ref: - description: |- - Key defines reference for secret with certificate key content under given key - mutually exclusive with KeyFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - server_name: - description: ServerName indicates a name of a server - type: string - type: object - tls_server_config: - description: TLSServerConfig defines server TLS configuration - for alertmanager - properties: - cert_file: - description: |- - CertFile defines path to the pre-mounted file with certificate - mutually exclusive with CertSecretRef - type: string - cert_secret_ref: - description: |- - CertSecretRef defines reference for secret with certificate content under given key - mutually exclusive with CertFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - cipher_suites: - description: |- - CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 - https://golang.org/pkg/crypto/tls/#pkg-constants - items: - type: string - type: array - client_auth_type: - description: |- - Cert defines reference for secret with CA content under given key - mutually exclusive with CertFile - ClientAuthType defines server policy for client authentication - If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert - Note, mTLS is supported only at enterprise version of VictoriaMetrics components - enum: - - NoClientCert - - RequireAndVerifyClientCert - type: string - client_ca_file: - description: |- - ClientCAFile defines path to the pre-mounted file with CA - mutually exclusive with ClientCASecretRef - type: string - client_ca_secret_ref: - description: |- - ClientCASecretRef defines reference for secret with CA content under given key - mutually exclusive with ClientCAFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - curve_preferences: - description: |- - CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. - https://golang.org/pkg/crypto/tls/#CurveID - items: - type: string - type: array - key_file: - description: |- - KeyFile defines path to the pre-mounted file with certificate key - mutually exclusive with KeySecretRef - type: string - key_secret_ref: - description: |- - Key defines reference for secret with certificate key content under given key - mutually exclusive with KeyFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - max_version: - description: MaxVersion maximum TLS version that is acceptable. - enum: - - TLS10 - - TLS11 - - TLS12 - - TLS13 - type: string - min_version: - description: MinVersion minimum TLS version that is acceptable. - enum: - - TLS10 - - TLS11 - - TLS12 - - TLS13 - type: string - prefer_server_cipher_suites: - description: |- - PreferServerCipherSuites controls whether the server selects the - client's most preferred ciphersuite - type: boolean - type: object - type: object - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - listenLocal: - description: |- - ListenLocal makes the VMAlertmanager server listen on loopback, so that it - does not bind against the Pod IP. Note this is only for the VMAlertmanager - UI, not the gossip communication. - type: boolean - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VMAlertmanager to be configured with. - enum: - - logfmt - - json - type: string - logLevel: - description: Log level for VMAlertmanager to be configured with. - enum: - - debug - - info - - warn - - error - - DEBUG - - INFO - - WARN - - ERROR - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the alertmanager pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - portName: - description: |- - PortName used for the pods and governing service. - This defaults to web - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - retention: - description: |- - Retention Time duration VMAlertmanager shall retain data for. Default is '120h', - and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). - pattern: '[0-9]+(ms|s|m|h)' - type: string - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdateStrategy: - description: |- - RollingUpdateStrategy defines strategy for application updates - Default is OnDelete, in this case operator handles update process - Can be changed for RollingUpdate - type: string - routePrefix: - description: |- - RoutePrefix VMAlertmanager registers HTTP handlers for. This is useful, - if using ExternalURL and a proxy is rewriting HTTP routes of a request, - and the actual ExternalURL is still true, but the server serves requests - under a different route prefix. For example for use with `kubectl proxy`. - type: string - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - selectAllByDefault: - description: |- - SelectAllByDefault changes default behavior for empty CRD selectors, such ConfigSelector. - with selectAllByDefault: true and undefined ConfigSelector and ConfigNamespaceSelector - Operator selects all exist alertManagerConfigs - with selectAllByDefault: false - selects nothing - type: boolean - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmalertmanager - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vmalertmanager service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: |- - Storage is the definition of how storage will be used by the VMAlertmanager - instances. - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - Spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to - consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - Status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nClaimResourceStatus can be in any - of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with - a terminal error.\n\t- NodeResizePending:\n\t\tState - set when resize controller has finished resizing the - volume but further resizing of\n\t\tvolume is needed - on the node.\n\t- NodeResizeInProgress:\n\t\tState set - when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this - field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, - it means that no resize operation is in progress for - the given PVC.\n\nA controller that receives PVC update - with previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources - allocated to a PVC including its capacity.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nCapacity reported here may be larger - than the actual capacity when a volume expansion operation\nis - requested.\nFor storage quota, the larger value from - allocatedResources and PVC.spec.resources is used.\nIf - allocatedResources is not set, PVC.spec.resources alone - is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and - if the actual volume capacity\nis equal or lower than - the requested capacity.\n\nA controller that receives - PVC update with previously unknown resourceName\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains - details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed - the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the - condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible - indicates that the request has been rejected as - invalid by the CSI driver. To\n\t resolve the error, - a valid VolumeAttributesClass needs to be specified.\nNote: - New statuses can be added in the future. Consumers - should check for unknown statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: object - templates: - description: |- - Templates is a list of ConfigMap key references for ConfigMaps in the same namespace as the VMAlertmanager - object, which shall be mounted into the VMAlertmanager Pods. - The Templates are mounted into /etc/vm/templates//. - items: - description: ConfigMapKeyReference refers to a key in a ConfigMap. - properties: - key: - description: The ConfigMap key to refer to. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - required: - - key - type: object - x-kubernetes-map-type: atomic - type: array - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - useVMConfigReloader: - description: |- - UseVMConfigReloader replaces prometheus-like config-reloader - with vm one. It uses secrets watch instead of file watch - which greatly increases speed of config updates - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - webConfig: - description: |- - WebConfig defines configuration for webserver - https://github.com/prometheus/alertmanager/blob/main/docs/https.md - properties: - basic_auth_users: - additionalProperties: - type: string - description: |- - BasicAuthUsers Usernames and hashed passwords that have full access to the web server - Passwords must be hashed with bcrypt - type: object - http_server_config: - description: HTTPServerConfig defines http server configuration - for alertmanager web server - properties: - headers: - additionalProperties: - type: string - description: Headers defines list of headers that can be added - to HTTP responses. - type: object - http2: - description: |- - HTTP2 enables HTTP/2 support. Note that HTTP/2 is only supported with TLS. - This can not be changed on the fly. - type: boolean - type: object - tls_server_config: - description: TLSServerConfig defines server TLS configuration - for alertmanager - properties: - cert_file: - description: |- - CertFile defines path to the pre-mounted file with certificate - mutually exclusive with CertSecretRef - type: string - cert_secret_ref: - description: |- - CertSecretRef defines reference for secret with certificate content under given key - mutually exclusive with CertFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - cipher_suites: - description: |- - CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 - https://golang.org/pkg/crypto/tls/#pkg-constants - items: - type: string - type: array - client_auth_type: - description: |- - Cert defines reference for secret with CA content under given key - mutually exclusive with CertFile - ClientAuthType defines server policy for client authentication - If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert - Note, mTLS is supported only at enterprise version of VictoriaMetrics components - enum: - - NoClientCert - - RequireAndVerifyClientCert - type: string - client_ca_file: - description: |- - ClientCAFile defines path to the pre-mounted file with CA - mutually exclusive with ClientCASecretRef - type: string - client_ca_secret_ref: - description: |- - ClientCASecretRef defines reference for secret with CA content under given key - mutually exclusive with ClientCAFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - curve_preferences: - description: |- - CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. - https://golang.org/pkg/crypto/tls/#CurveID - items: - type: string - type: array - key_file: - description: |- - KeyFile defines path to the pre-mounted file with certificate key - mutually exclusive with KeySecretRef - type: string - key_secret_ref: - description: |- - Key defines reference for secret with certificate key content under given key - mutually exclusive with KeyFile - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - max_version: - description: MaxVersion maximum TLS version that is acceptable. - enum: - - TLS10 - - TLS11 - - TLS12 - - TLS13 - type: string - min_version: - description: MinVersion minimum TLS version that is acceptable. - enum: - - TLS10 - - TLS11 - - TLS12 - - TLS13 - type: string - prefer_server_cipher_suites: - description: |- - PreferServerCipherSuites controls whether the server selects the - client's most preferred ciphersuite - type: boolean - type: object - type: object + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanagerConfig is the Schema for the vmalertmanagerconfigs + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: type: object - status: + spec: description: |- - Most recent observed status of the VMAlertmanager cluster. - Operator API itself. More info: - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + VMAlertmanagerConfigSpec defines configuration for VMAlertmanagerConfig + it must reference only locally defined objects + required: + - receivers + - route + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VMAlertmanagerConfigStatus defines the observed state of + VMAlertmanagerConfig properties: conditions: description: 'Known .status.conditions.type are: "Available", "Progressing", @@ -18225,6 +858,8 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map + lastErrorParentAlertmanagerName: + type: string observedGeneration: description: |- ObservedGeneration defines current generation picked by operator for the @@ -18238,8 +873,6 @@ spec: description: UpdateStatus defines a status for update rollout type: string type: object - required: - - spec type: object served: true storage: true @@ -18251,21 +884,19 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 - name: vmalerts.operator.victoriametrics.com + name: vmalertmanagers.operator.victoriametrics.com spec: group: operator.victoriametrics.com names: - kind: VMAlert - listKind: VMAlertList - plural: vmalerts - singular: vmalert + kind: VMAlertmanager + listKind: VMAlertmanagerList + plural: vmalertmanagers + shortNames: + - vma + singular: vmalertmanager scope: Namespaced versions: - additionalPrinterColumns: - - description: Current status of update rollout - jsonPath: .status.updateStatus - name: Status - type: string - description: The desired replicas number of Alertmanagers jsonPath: .spec.replicaCount name: ReplicaCount @@ -18273,11 +904,14 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + - description: Current update status + jsonPath: .status.updateStatus + name: Update Status + type: string name: v1beta1 schema: openAPIV3Schema: - description: VMAlert executes a list of given alerting or recording rules - against configured address. + description: VMAlertmanager represents Victoria-Metrics deployment for Alertmanager. properties: apiVersion: description: |- @@ -18297,1878 +931,16 @@ spec: metadata: type: object spec: - description: VMAlertSpec defines the desired state of VMAlert - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - configReloadAuthKeySecret: - description: |- - ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. - Given secret reference will be added to the application and vm-config-reloader as volume - available since v0.57.0 version - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - configReloaderExtraArgs: - additionalProperties: - type: string - description: |- - ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container - for example resyncInterval: "30s" - type: object - configReloaderImageTag: - description: ConfigReloaderImageTag defines image:tag for config-reloader - container - type: string - configReloaderResources: - description: |- - ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - datasource: - description: Datasource Victoria Metrics or VMSelect url. Required - parameter. e.g. http://127.0.0.1:8428 - properties: - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName:headerValue - vmalert supports it since 1.79.0 version - items: - type: string - type: array - oauth2: - description: OAuth2 defines OAuth2 configuration - required: - - client_id - - token_url - type: object - x-kubernetes-preserve-unknown-fields: true - tlsConfig: - description: TLSConfig specifies TLSConfig configuration parameters. - type: object - x-kubernetes-preserve-unknown-fields: true - url: - description: Victoria Metrics or VMSelect url. Required parameter. - E.g. http://127.0.0.1:8428 - type: string - required: - - url - type: object - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - enforcedNamespaceLabel: - description: |- - EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert - and metric that is user created. The label value will always be the namespace of the object that is - being created. - type: string - evaluationInterval: - description: EvaluationInterval defines how often to evaluate rules - by default - pattern: '[0-9]+(ms|s|m|h)' - type: string - externalLabels: - additionalProperties: - type: string - description: 'ExternalLabels in the form ''name: value'' to add to - all generated recording rules and alerts.' - type: object - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - license: - description: |- - License allows to configure license key to be used for enterprise features. - Using license key is supported starting from VictoriaMetrics v1.94.0. - See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) - properties: - forceOffline: - description: Enforce offline verification of the license key. - type: boolean - key: - description: |- - Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). - To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) - type: string - keyRef: - description: KeyRef is reference to secret with license key for - enterprise features. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - reloadInterval: - description: Interval to be used for checking for license key - changes. Note that this is only applicable when using KeyRef. - type: string - type: object - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VMAlert to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VMAlert to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - notifier: - description: |- - Notifier prometheus alertmanager endpoint spec. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 - If specified both notifier and notifiers, notifier will be added as last element to notifiers. - only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier - properties: - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName:headerValue - vmalert supports it since 1.79.0 version - items: - type: string - type: array - oauth2: - description: OAuth2 defines OAuth2 configuration - required: - - client_id - - token_url - type: object - x-kubernetes-preserve-unknown-fields: true - selector: - description: |- - Selector allows service discovery for alertmanager - in this case all matched vmalertmanager replicas will be added into vmalert notifier.url - as statefulset pod.fqdn - properties: - labelSelector: - description: |- - A label selector is a label query over a set of resources. The result of matchLabels and - matchExpressions are ANDed. An empty label selector matches all objects. A null - label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: |- - NamespaceSelector is a selector for selecting either all namespaces or a - list of namespaces. - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - type: object - tlsConfig: - description: TLSConfig specifies TLSConfig configuration parameters. - type: object - x-kubernetes-preserve-unknown-fields: true - url: - description: AlertManager url. E.g. http://127.0.0.1:9093 - type: string - type: object - notifierConfigRef: - description: |- - NotifierConfigRef reference for secret with notifier configuration for vmalert - only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - notifiers: - description: |- - Notifiers prometheus alertmanager endpoints. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 - If specified both notifier and notifiers, notifier will be added as last element to notifiers. - only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier - items: - description: VMAlertNotifierSpec defines the notifier url for sending - information about alerts - properties: - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName:headerValue - vmalert supports it since 1.79.0 version - items: - type: string - type: array - oauth2: - description: OAuth2 defines OAuth2 configuration - required: - - client_id - - token_url - type: object - x-kubernetes-preserve-unknown-fields: true - selector: - description: |- - Selector allows service discovery for alertmanager - in this case all matched vmalertmanager replicas will be added into vmalert notifier.url - as statefulset pod.fqdn - properties: - labelSelector: - description: |- - A label selector is a label query over a set of resources. The result of matchLabels and - matchExpressions are ANDed. An empty label selector matches all objects. A null - label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: |- - NamespaceSelector is a selector for selecting either all namespaces or a - list of namespaces. - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - type: object - tlsConfig: - description: TLSConfig specifies TLSConfig configuration parameters. - type: object - x-kubernetes-preserve-unknown-fields: true - url: - description: AlertManager url. E.g. http://127.0.0.1:9093 - type: string - type: object - type: array - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the VMAlert pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - remoteRead: - description: |- - RemoteRead Optional URL to read vmalert state (persisted via RemoteWrite) - This configuration only makes sense if alerts state has been successfully - persisted (via RemoteWrite) before. - see -remoteRead.url docs in vmalerts for details. - E.g. http://127.0.0.1:8428 - properties: - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName:headerValue - vmalert supports it since 1.79.0 version - items: - type: string - type: array - lookback: - description: |- - Lookback defines how far to look into past for alerts timeseries. For example, if lookback=1h then range from now() to now()-1h will be scanned. (default 1h0m0s) - Applied only to RemoteReadSpec - type: string - oauth2: - description: OAuth2 defines OAuth2 configuration - required: - - client_id - - token_url - type: object - x-kubernetes-preserve-unknown-fields: true - tlsConfig: - description: TLSConfig specifies TLSConfig configuration parameters. - type: object - x-kubernetes-preserve-unknown-fields: true - url: - description: URL of the endpoint to send samples to. - type: string - required: - - url - type: object - remoteWrite: - description: |- - RemoteWrite Optional URL to remote-write compatible storage to persist - vmalert state and rule results to. - Rule results will be persisted according to each rule. - Alerts state will be persisted in the form of time series named ALERTS and ALERTS_FOR_STATE - see -remoteWrite.url docs in vmalerts for details. - E.g. http://127.0.0.1:8428 - properties: - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - concurrency: - description: Defines number of readers that concurrently write - into remote storage (default 1) - format: int32 - type: integer - flushInterval: - description: Defines interval of flushes to remote write endpoint - (default 5s) - pattern: '[0-9]+(ms|s|m|h)' - type: string - headers: - description: |- - Headers allow configuring custom http headers - Must be in form of semicolon separated header with value - e.g. - headerName:headerValue - vmalert supports it since 1.79.0 version - items: - type: string - type: array - maxBatchSize: - description: Defines defines max number of timeseries to be flushed - at once (default 1000) - format: int32 - type: integer - maxQueueSize: - description: Defines the max number of pending datapoints to remote - write endpoint (default 100000) - format: int32 - type: integer - oauth2: - description: OAuth2 defines OAuth2 configuration - required: - - client_id - - token_url - type: object - x-kubernetes-preserve-unknown-fields: true - tlsConfig: - description: TLSConfig specifies TLSConfig configuration parameters. - type: object - x-kubernetes-preserve-unknown-fields: true - url: - description: URL of the endpoint to send samples to. - type: string - required: - - url - type: object - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - ruleNamespaceSelector: - description: |- - RuleNamespaceSelector to be selected for VMRules discovery. - Works in combination with Selector. - If both nil - behaviour controlled by selectAllByDefault - NamespaceSelector nil - only objects at VMAlert namespace. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - rulePath: - description: |- - RulePath to the file with alert rules. - Supports patterns. Flag can be specified multiple times. - Examples: - -rule /path/to/file. Path to a single file with alerting rules - -rule dir/*.yaml -rule /*.yaml. Relative path to all .yaml files in folder, - absolute path to all .yaml files in root. - by default operator adds /etc/vmalert/configs/base/vmalert.yaml - items: - type: string - type: array - ruleSelector: - description: |- - RuleSelector selector to select which VMRules to mount for loading alerting - rules from. - Works in combination with NamespaceSelector. - If both nil - behaviour controlled by selectAllByDefault - NamespaceSelector nil - only objects at VMAlert namespace. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - selectAllByDefault: - description: |- - SelectAllByDefault changes default behavior for empty CRD selectors, such RuleSelector. - with selectAllByDefault: true and empty serviceScrapeSelector and RuleNamespaceSelector - Operator selects all exist serviceScrapes - with selectAllByDefault: false - selects nothing - type: boolean - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmalert VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vmalert service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: UpdateStrategy - overrides default update strategy. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - useVMConfigReloader: - description: |- - UseVMConfigReloader replaces prometheus-like config-reloader - with vm one. It uses secrets watch instead of file watch - which greatly increases speed of config updates - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - required: - - datasource + description: |- + Specification of the desired behavior of the VMAlertmanager cluster. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status type: object + x-kubernetes-preserve-unknown-fields: true status: - description: VMAlertStatus defines the observed state of VMAlert + description: |- + Most recent observed status of the VMAlertmanager cluster. + Operator API itself. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: conditions: description: 'Known .status.conditions.type are: "Available", "Progressing", @@ -20246,6 +1018,8 @@ spec: description: UpdateStatus defines a status for update rollout type: string type: object + required: + - spec type: object served: true storage: true @@ -20257,32 +1031,33 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 - name: vmanomalies.operator.victoriametrics.com + name: vmalerts.operator.victoriametrics.com spec: group: operator.victoriametrics.com names: - kind: VMAnomaly - listKind: VMAnomalyList - plural: vmanomalies - singular: vmanomaly + kind: VMAlert + listKind: VMAlertList + plural: vmalerts + singular: vmalert scope: Namespaced versions: - additionalPrinterColumns: - - description: current number of shards - jsonPath: .status.shards - name: Shards Count - type: integer - description: Current status of update rollout jsonPath: .status.updateStatus name: Status type: string + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1 + name: v1beta1 schema: openAPIV3Schema: - description: VMAnomaly is the Schema for the vmanomalies API. + description: VMAlert executes a list of given alerting or recording rules + against configured address. properties: apiVersion: description: |- @@ -20302,2583 +1077,152 @@ spec: metadata: type: object spec: - description: VMAnomalySpec defines the desired state of VMAnomaly. + description: VMAlertSpec defines the desired state of VMAlert + required: + - datasource + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VMAlertStatus defines the observed state of VMAlert properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for VMAnomaly + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' items: - description: PersistentVolumeClaim is a user's request for and claim - to a persistent volume + description: Condition defines status condition of the resource properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time type: string - kind: + lastUpdateTime: description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time type: string - metadata: - description: |- - Standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - type: object - x-kubernetes-preserve-unknown-fields: true - spec: - description: |- - spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: + message: description: |- - status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status of - resource being resized for the given PVC.\nKey names follow - standard Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus - can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with a - terminal error.\n\t- NodeResizePending:\n\t\tState set - when resize controller has finished resizing the volume - but further resizing of\n\t\tvolume is needed on the node.\n\t- - NodeResizeInProgress:\n\t\tState set when kubelet starts - resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this field - can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, it - means that no resize operation is in progress for the - given PVC.\n\nA controller that receives PVC update with - previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources allocated - to a PVC including its capacity.\nKey names follow standard - Kubernetes label syntax. Valid values are either:\n\t* - Un-prefixed keys:\n\t\t- storage - the capacity of the - volume.\n\t* Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not be used.\n\nCapacity - reported here may be larger than the actual capacity when - a volume expansion operation\nis requested.\nFor storage - quota, the larger value from allocatedResources and PVC.spec.resources - is used.\nIf allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and if - the actual volume capacity\nis equal or lower than the - requested capacity.\n\nA controller that receives PVC - update with previously unknown resourceName\nshould ignore - the update for the purpose it was designed. For example - - a controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates that - change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of - the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains details - about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the - condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition - transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible indicates - that the request has been rejected as invalid by the - CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass - needs to be specified.\nNote: New statuses can be - added in the future. Consumers should check for unknown - statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: array - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - configRawYaml: - description: |- - ConfigRawYaml - raw configuration for anomaly, - it helps it to start without secret. - priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. - type: string - configSecret: - description: |- - ConfigSecret is the name of a Kubernetes Secret in the same namespace as the - VMAnomaly object, which contains configuration for this VMAnomaly, - configuration must be inside secret key: anomaly.yaml. - It must be created by user. - instance. Defaults to 'vmanomaly-' - The secret is mounted into /etc/anomaly/config. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 type: string - value: + observedGeneration: description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - license: - description: |- - License allows to configure license key to be used for enterprise features. - Using license key is supported starting from VictoriaMetrics v1.94.0. - See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) - properties: - forceOffline: - description: Enforce offline verification of the license key. - type: boolean - key: - description: |- - Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). - To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) - type: string - keyRef: - description: KeyRef is reference to secret with license key for - enterprise features. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - reloadInterval: - description: Interval to be used for checking for license key - changes. Note that this is only applicable when using KeyRef. - type: string - type: object - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logLevel: - description: |- - LogLevel for VMAnomaly to be configured with. - INFO, WARN, ERROR, FATAL, PANIC - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - monitoring: - description: |- - Monitoring configures how expose anomaly metrics - See https://docs.victoriametrics.com/anomaly-detection/components/monitoring/ - properties: - pull: - description: |- - VMAnomalyMonitoringPullSpec defines pull monitoring configuration - which is enabled by default and served at POD_IP:8490/metrics - properties: - addr: - description: Addr changes listen addr, default is 0.0.0.0 - type: string - port: - description: Port defines a port for metrics scrape - type: string - required: - - port - type: object - push: - description: |- - VMAnomalyMonitoringPushSpec defines metrics push configuration - - VMAnomaly uses prometheus text exposition format - properties: - basicAuth: - description: Basic auth defines basic authorization configuration - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer: - description: 'BearerAuth defines authorization with Authorization: - Bearer header' - properties: - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - extraLabels: - additionalProperties: - type: string - description: ExtraLabels defines a set of labels to attach - to the pushed metrics - type: object - healthPath: - description: HealthPath defines absolute or relative URL address - where to check availability of the remote webserver - type: string - pushFrequency: - description: PushFrequency defines push interval - type: string - tenantID: - description: TenantID defines for VictoriaMetrics Cluster - version only, tenants are identified by accountID, accountID:projectID - or multitenant. - type: string - timeout: - description: Timeout for the requests, passed as a string - type: string - tlsConfig: - description: TLSConfig defines tls connection configuration - properties: - ca: - description: Struct containing the CA cert to use for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for - the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for - the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for - the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - url: - description: defines target url for push requests - type: string - required: - - url - type: object - type: object - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the vmanomaly pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - reader: - description: |- - Metrics source for VMAnomaly - See https://docs.victoriametrics.com/anomaly-detection/components/reader/ - properties: - basicAuth: - description: Basic auth defines basic authorization configuration - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer: - description: 'BearerAuth defines authorization with Authorization: - Bearer header' - properties: - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - dataRange: - description: Optional argumentallows defining valid data ranges - for input of all the queries in queries - items: + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 type: string - type: array - datasourceURL: - description: |- - DatasourceURL address - datasource must serve /api/v1/query and /api/v1/query_range APIs - type: string - extraFilters: - description: List of strings with series selector. - items: + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - type: array - healthPath: - description: HealthPath defines absolute or relative URL address - where to check availability of the remote webserver - type: string - latencyOffset: - description: It allows overriding the default -search.latencyOffsetflag - of VictoriaMetrics - type: string - maxPointsPerQuery: - description: Optional argoverrides how search.maxPointsPerTimeseries - flagimpacts vmanomaly on splitting long fitWindow queries into - smaller sub-intervals - type: integer - queryFromLastSeenTimestamp: - description: If True, then query will be performed from the last - seen timestamp for a given series. - type: boolean - queryRangePath: - description: Performs PromQL/MetricsQL range query - type: string - samplingPeriod: - description: Frequency of the points returned - type: string - tenantID: - description: TenantID defines for VictoriaMetrics Cluster version - only, tenants are identified by accountID, accountID:projectID - or multitenant. - type: string - timeout: - description: Timeout for the requests, passed as a string - type: string - tlsConfig: - description: TLSConfig defines tls connection configuration - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for - the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - tz: - description: Optional argumentspecifies the IANA timezone to account - for local shifts, like DST, in models sensitive to seasonal - patterns - type: string - required: - - datasourceURL - - samplingPeriod - type: object - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 type: string required: - - conditionType + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type type: object type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 type: integer - rollingUpdateStrategy: - description: |- - RollingUpdateStrategy allows configuration for strategyType - set it to RollingUpdate for disabling operator statefulSet rollingUpdate - type: string - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name + reason: + description: Reason defines human readable error reason type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods + updateStatus: + description: UpdateStatus defines a status for update rollout type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmanomaly VMPodScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - shardCount: - description: |- - ShardCount - numbers of shards of VMAnomaly - in this case operator will use 1 sts per shard with - replicas count according to spec.replicas. - type: integer - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: Storage configures storage for StatefulSet - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - Spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to - consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - Status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nClaimResourceStatus can be in any - of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with - a terminal error.\n\t- NodeResizePending:\n\t\tState - set when resize controller has finished resizing the - volume but further resizing of\n\t\tvolume is needed - on the node.\n\t- NodeResizeInProgress:\n\t\tState set - when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState - set when resizing has failed in kubelet with a terminal - error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor - example: if expanding a PVC for more capacity - this - field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, - it means that no resize operation is in progress for - the given PVC.\n\nA controller that receives PVC update - with previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources - allocated to a PVC including its capacity.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources must - use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or have - kubernetes.io prefix are considered\nreserved and hence - may not be used.\n\nCapacity reported here may be larger - than the actual capacity when a volume expansion operation\nis - requested.\nFor storage quota, the larger value from - allocatedResources and PVC.spec.resources is used.\nIf - allocatedResources is not set, PVC.spec.resources alone - is used for quota calculation.\nIf a volume expansion - capacity request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress and - if the actual volume capacity\nis equal or lower than - the requested capacity.\n\nA controller that receives - PVC update with previously unknown resourceName\nshould - ignore the update for the purpose it was designed. For - example - a controller that\nonly is responsible for - resizing capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with PVC.\n\nThis - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains - details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed - the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the - condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, such - as\n the specified VolumeAttributesClass not existing.\n - - InProgress\n InProgress indicates that the volume - is being modified.\n - Infeasible\n Infeasible - indicates that the request has been rejected as - invalid by the CSI driver. To\n\t resolve the error, - a valid VolumeAttributesClass needs to be specified.\nNote: - New statuses can be added in the future. Consumers - should check for unknown statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the - name of the VolumeAttributesClass the PVC currently - being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - writer: - description: |- - Metrics destination for VMAnomaly - See https://docs.victoriametrics.com/anomaly-detection/components/writer/ - properties: - basicAuth: - description: Basic auth defines basic authorization configuration - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer: - description: 'BearerAuth defines authorization with Authorization: - Bearer header' - properties: - bearerTokenFile: - description: Path to bearer token file - type: string - bearerTokenSecret: - description: Optional bearer auth token to use for -remoteWrite.url - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - datasourceURL: - description: |- - DatasourceURL defines remote write url for write requests - provided endpoint must serve /api/v1/import path - vmanomaly joins datasourceURL + "/api/v1/import" - type: string - healthPath: - description: HealthPath defines absolute or relative URL address - where to check availability of the remote webserver - type: string - metricFormat: - description: Metrics to save the output (in metric names or labels) - properties: - __name__: - description: |- - Name of result metric - Must have a value with $VAR placeholder in it to distinguish between resulting metrics - type: string - extraLabels: - additionalProperties: - type: string - description: ExtraLabels defines additional labels to be added - to the resulting metrics - type: object - for: - description: For is a special label with $QUERY_KEY placeholder - type: string - required: - - __name__ - - for - type: object - tenantID: - description: TenantID defines for VictoriaMetrics Cluster version - only, tenants are identified by accountID, accountID:projectID - or multitenant. - type: string - timeout: - description: Timeout for the requests, passed as a string - type: string - tlsConfig: - description: TLSConfig defines tls connection configuration - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for - the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - required: - - datasourceURL - type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmanomalies.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAnomaly + listKind: VMAnomalyList + plural: vmanomalies + singular: vmanomaly + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VMAnomaly is the Schema for the vmanomalies API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAnomalySpec defines the desired state of VMAnomaly. required: - reader - writer type: object + x-kubernetes-preserve-unknown-fields: true status: description: VMAnomalyStatus defines the observed state of VMAnomaly. properties: @@ -22978,1660 +1322,52 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 - name: vmauths.operator.victoriametrics.com -spec: - group: operator.victoriametrics.com - names: - kind: VMAuth - listKind: VMAuthList - plural: vmauths - singular: vmauth - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Current status of update rollout - jsonPath: .status.updateStatus - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The desired replicas number of Alertmanagers - jsonPath: .spec.replicaCount - name: ReplicaCount - type: integer - name: v1beta1 - schema: - openAPIV3Schema: - description: VMAuth is the Schema for the vmauths API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: VMAuthSpec defines the desired state of VMAuth - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - configReloadAuthKeySecret: - description: |- - ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. - Given secret reference will be added to the application and vm-config-reloader as volume - available since v0.57.0 version - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - configReloaderExtraArgs: - additionalProperties: - type: string - description: |- - ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container - for example resyncInterval: "30s" - type: object - configReloaderImageTag: - description: ConfigReloaderImageTag defines image:tag for config-reloader - container - type: string - configReloaderResources: - description: |- - ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - configSecret: - description: |- - ConfigSecret is the name of a Kubernetes Secret in the same namespace as the - VMAuth object, which contains auth configuration for vmauth, - configuration must be inside secret key: config.yaml. - It must be created and managed manually. - If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders - Deprecated: use externalConfig.secretRef instead - type: string - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - externalConfig: - description: |- - ExternalConfig defines a source of external VMAuth configuration. - If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders - properties: - localPath: - description: |- - LocalPath contains static path to a config, which is managed externally for cases - when using secrets is not applicable, e.g.: Vault sidecar. - type: string - secretRef: - description: SecretRef defines selector for externally managed - secret which contains configuration - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - ingress: - description: Ingress enables ingress configuration for VMAuth. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - class_name: - description: ClassName defines ingress class name for VMAuth - type: string - extraRules: - description: |- - ExtraRules - additional rules for ingress, - must be checked for correctness by user. - items: - description: |- - IngressRule represents the rules mapping the paths under a specified host to - the related backend services. Incoming requests are first evaluated for a host - match, then routed to the backend associated with the matching IngressRuleValue. - properties: - host: - description: "host is the fully qualified domain name of - a network host, as defined by RFC 3986.\nNote the following - deviations from the \"host\" part of the\nURI as defined - in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue - can only apply to\n the IP in the Spec of the parent - Ingress.\n2. The `:` delimiter is not respected because - ports are not allowed.\n\t Currently the port of an Ingress - is implicitly :80 for http and\n\t :443 for https.\nBoth - these may change in the future.\nIncoming requests are - matched against the host before the\nIngressRuleValue. - If the host is unspecified, the Ingress routes all\ntraffic - based on the specified IngressRuleValue.\n\nhost can be - \"precise\" which is a domain name without the terminating - dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", - which is a domain name\nprefixed with a single wildcard - label (e.g. \"*.foo.com\").\nThe wildcard character '*' - must appear by itself as the first DNS label and\nmatches - only a single label. You cannot have a wildcard label - by itself (e.g. Host == \"*\").\nRequests will be matched - against the Host field in the following way:\n1. If host - is precise, the request matches this rule if the http - host header is equal to Host.\n2. If host is a wildcard, - then the request matches this rule if the http host header\nis - to equal to the suffix (removing the first label) of the - wildcard rule." - type: string - http: - description: |- - HTTPIngressRuleValue is a list of http selectors pointing to backends. - In the example: http:///? -> backend where - where parts of the url correspond to RFC 3986, this resource will be used - to match against everything after the last '/' and before the first '?' - or '#'. - properties: - paths: - description: paths is a collection of paths that map - requests to backends. - items: - description: |- - HTTPIngressPath associates a path with a backend. Incoming urls matching the - path are forwarded to the backend. - properties: - backend: - description: |- - backend defines the referenced service endpoint to which the traffic - will be forwarded to. - properties: - resource: - description: |- - resource is an ObjectRef to another Kubernetes resource in the namespace - of the Ingress object. If resource is specified, a service.Name and - service.Port must not be specified. - This is a mutually exclusive setting with "Service". - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource - being referenced - type: string - name: - description: Name is the name of resource - being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - service: - description: |- - service references a service as a backend. - This is a mutually exclusive setting with "Resource". - properties: - name: - description: |- - name is the referenced service. The service must exist in - the same namespace as the Ingress object. - type: string - port: - description: |- - port of the referenced service. A port name or port number - is required for a IngressServiceBackend. - properties: - name: - description: |- - name is the name of the port on the Service. - This is a mutually exclusive setting with "Number". - type: string - number: - description: |- - number is the numerical port number (e.g. 80) on the Service. - This is a mutually exclusive setting with "Name". - format: int32 - type: integer - type: object - x-kubernetes-map-type: atomic - required: - - name - type: object - type: object - path: - description: |- - path is matched against the path of an incoming request. Currently it can - contain characters disallowed from the conventional "path" part of a URL - as defined by RFC 3986. Paths must begin with a '/' and must be present - when using PathType with value "Exact" or "Prefix". - type: string - pathType: - description: |- - pathType determines the interpretation of the path matching. PathType can - be one of the following values: - * Exact: Matches the URL path exactly. - * Prefix: Matches based on a URL path prefix split by '/'. Matching is - done on a path element by element basis. A path element refers is the - list of labels in the path split by the '/' separator. A request is a - match for path p if every p is an element-wise prefix of p of the - request path. Note that if the last element of the path is a substring - of the last element in request path, it is not a match (e.g. /foo/bar - matches /foo/bar/baz, but does not match /foo/barbaz). - * ImplementationSpecific: Interpretation of the Path matching is up to - the IngressClass. Implementations can treat this as a separate PathType - or treat it identically to Prefix or Exact path types. - Implementations are required to support all path types. - type: string - required: - - backend - - pathType - type: object - type: array - x-kubernetes-list-type: atomic - required: - - paths - type: object - type: object - type: array - extraTls: - description: |- - ExtraTLS - additional TLS configuration for ingress - must be checked for correctness by user. - items: - description: IngressTLS describes the transport layer security - associated with an ingress. - properties: - hosts: - description: |- - hosts is a list of hosts included in the TLS certificate. The values in - this list must match the name/s used in the tlsSecret. Defaults to the - wildcard host setting for the loadbalancer controller fulfilling this - Ingress, if left unspecified. - items: - type: string - type: array - x-kubernetes-list-type: atomic - secretName: - description: |- - secretName is the name of the secret used to terminate TLS traffic on - port 443. Field is left optional to allow TLS routing based on SNI - hostname alone. If the SNI host in a listener conflicts with the "Host" - header field used by an IngressRule, the SNI host is used for termination - and value of the "Host" header is used for routing. - type: string - type: object - type: array - host: - description: |- - Host defines ingress host parameter for default rule - It will be used, only if TlsHosts is empty - type: string - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - tlsHosts: - description: TlsHosts configures TLS access for ingress, tlsSecretName - must be defined for it. - items: - type: string - type: array - tlsSecretName: - description: |- - TlsSecretName defines secretname at the VMAuth namespace with cert and key - https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - type: string - type: object - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - internalListenPort: - description: |- - InternalListenPort instructs vmauth to serve internal routes at given port - available from v0.56.0 operator - and v1.111.0 vmauth version - related doc https://docs.victoriametrics.com/victoriametrics/vmauth/#security - type: string - license: - description: |- - License allows to configure license key to be used for enterprise features. - Using license key is supported starting from VictoriaMetrics v1.94.0. - See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) - properties: - forceOffline: - description: Enforce offline verification of the license key. - type: boolean - key: - description: |- - Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). - To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) - type: string - keyRef: - description: KeyRef is reference to secret with license key for - enterprise features. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - reloadInterval: - description: Interval to be used for checking for license key - changes. Note that this is only applicable when using KeyRef. - type: string - type: object - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VMAuth to be configured with. - enum: - - default - - json - type: string - logLevel: - description: LogLevel for victoria metrics single to be configured - with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the VMAuth pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - selectAllByDefault: - description: |- - SelectAllByDefault changes default behavior for empty CRD selectors, such userSelector. - with selectAllByDefault: true and empty userSelector and userNamespaceSelector - Operator selects all exist users - with selectAllByDefault: false - selects nothing - type: boolean - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmauth VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vmsingle service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - unauthorizedAccessConfig: - description: |- - UnauthorizedAccessConfig configures access for un authorized users - - Deprecated: use unauthorizedUserAccessSpec instead - will be removed at v1.0 release - x-kubernetes-preserve-unknown-fields: true - unauthorizedUserAccessSpec: - description: UnauthorizedUserAccessSpec defines unauthorized_user - config section of vmauth config - properties: - default_url: - description: |- - DefaultURLs backend url for non-matching paths filter - usually used for default backend with error message - items: - type: string - type: array - discover_backend_ips: - description: DiscoverBackendIPs instructs discovering URLPrefix - backend IPs via DNS. - type: boolean - drop_src_path_prefix_parts: - description: |- - DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. - type: integer - dump_request_on_errors: - description: |- - DumpRequestOnErrors instructs vmauth to return detailed request params to the client - if routing rules don't allow to forward request to the backends. - Useful for debugging `src_hosts` and `src_headers` based routing rules - - available since v1.107.0 vmauth version - type: boolean - headers: - description: |- - Headers represent additional http headers, that vmauth uses - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.68.0 version of vmauth - items: - type: string - type: array - ip_filters: - description: |- - IPFilters defines per target src ip filters - supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) - properties: - allow_list: - items: - type: string - type: array - deny_list: - items: - type: string - type: array - type: object - load_balancing_policy: - description: |- - LoadBalancingPolicy defines load balancing policy to use for backend urls. - Supported policies: least_loaded, first_available. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") - enum: - - least_loaded - - first_available - type: string - max_concurrent_requests: - description: |- - MaxConcurrentRequests defines max concurrent requests per user - 300 is default value for vmauth - type: integer - metric_labels: - additionalProperties: - type: string - description: MetricLabels - additional labels for metrics exported - by vmauth for given user. - type: object - response_headers: - description: |- - ResponseHeaders represent additional http headers, that vmauth adds for request response - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.93.0 version of vmauth - items: - type: string - type: array - retry_status_codes: - description: |- - RetryStatusCodes defines http status codes in numeric format for request retries - e.g. [429,503] - items: - type: integer - type: array - tlsConfig: - description: TLSConfig defines tls configuration for the backend - connection - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for - the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - url_map: - items: - description: |- - UnauthorizedAccessConfigURLMap defines element of url_map routing configuration - For UnauthorizedAccessConfig and VMAuthUnauthorizedUserAccessSpec.URLMap - properties: - discover_backend_ips: - description: DiscoverBackendIPs instructs discovering URLPrefix - backend IPs via DNS. - type: boolean - drop_src_path_prefix_parts: - description: |- - DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. - type: integer - headers: - description: |- - RequestHeaders represent additional http headers, that vmauth uses - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.68.0 version of vmauth - items: - type: string - type: array - load_balancing_policy: - description: |- - LoadBalancingPolicy defines load balancing policy to use for backend urls. - Supported policies: least_loaded, first_available. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") - enum: - - least_loaded - - first_available - type: string - response_headers: - description: |- - ResponseHeaders represent additional http headers, that vmauth adds for request response - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.93.0 version of vmauth - items: - type: string - type: array - retry_status_codes: - description: |- - RetryStatusCodes defines http status codes in numeric format for request retries - Can be defined per target or at VMUser.spec level - e.g. [429,503] - items: - type: integer - type: array - src_headers: - description: SrcHeaders is an optional list of headers, - which must match request headers. - items: - type: string - type: array - src_hosts: - description: SrcHosts is an optional list of regular expressions, - which must match the request hostname. - items: - type: string - type: array - src_paths: - description: SrcPaths is an optional list of regular expressions, - which must match the request path. - items: - type: string - type: array - src_query_args: - description: SrcQueryArgs is an optional list of query args, - which must match request URL query args. - items: - type: string - type: array - url_prefix: - description: |- - UrlPrefix contains backend url prefixes for the proxied request url. - URLPrefix defines prefix prefix for destination - x-kubernetes-preserve-unknown-fields: true - type: object - type: array - url_prefix: - description: URLPrefix defines prefix prefix for destination - x-kubernetes-preserve-unknown-fields: true - type: object - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useProxyProtocol: - description: |- - UseProxyProtocol enables proxy protocol for vmauth - https://www.haproxy.org/download/2.3/doc/proxy-protocol.txt - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - useVMConfigReloader: - description: |- - UseVMConfigReloader replaces prometheus-like config-reloader - with vm one. It uses secrets watch instead of file watch - which greatly increases speed of config updates - type: boolean - userNamespaceSelector: - description: |- - UserNamespaceSelector Namespaces to be selected for VMAuth discovery. - Works in combination with Selector. - NamespaceSelector nil - only objects at VMAuth namespace. - Selector nil - only objects at NamespaceSelector namespaces. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - userSelector: - description: |- - UserSelector defines VMUser to be selected for config file generation. - Works in combination with NamespaceSelector. - NamespaceSelector nil - only objects at VMAuth namespace. - If both nil - behaviour controlled by selectAllByDefault - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array + name: vmauths.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAuth + listKind: VMAuthList + plural: vmauths + singular: vmauth + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAuth is the Schema for the vmauths API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAuthSpec defines the desired state of VMAuth type: object x-kubernetes-preserve-unknown-fields: true status: @@ -24780,3497 +1516,8 @@ spec: type: object spec: description: VMClusterSpec defines the desired state of VMCluster - properties: - clusterDomainName: - description: |- - ClusterDomainName defines domain name suffix for in-cluster dns addresses - aka .cluster.local - used by vminsert and vmselect to build vmstorage address - type: string - clusterVersion: - description: |- - ClusterVersion defines default images tag for all components. - it can be overwritten with component specific image.tag value. - type: string - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - license: - description: |- - License allows to configure license key to be used for enterprise features. - Using license key is supported starting from VictoriaMetrics v1.94.0. - See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) - properties: - forceOffline: - description: Enforce offline verification of the license key. - type: boolean - key: - description: |- - Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). - To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) - type: string - keyRef: - description: KeyRef is reference to secret with license key for - enterprise features. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - reloadInterval: - description: Interval to be used for checking for license key - changes. Note that this is only applicable when using KeyRef. - type: string - type: object - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - replicationFactor: - description: |- - ReplicationFactor defines how many copies of data make among - distinct storage nodes - format: int32 - type: integer - requestsLoadBalancer: - description: |- - RequestsLoadBalancer configures load-balancing for vminsert and vmselect requests. - It helps to evenly spread load across pods. - Usually it's not possible with Kubernetes TCP-based services. - See more [here](https://docs.victoriametrics.com/operator/resources/vmcluster/#requests-load-balancing) - properties: - disableInsertBalancing: - type: boolean - disableSelectBalancing: - type: boolean - enabled: - type: boolean - spec: - description: |- - VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer - for VMCluster component - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - retentionPeriod: - description: |- - RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). - Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. - The default value is 1 (one month). - See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - serviceAccountName: - description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the - VMSelect, VMStorage and VMInsert Pods. - type: string - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - vminsert: - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - clusterNativeListenPort: - description: |- - ClusterNativePort for multi-level cluster setup. - More [details](https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#multi-level-cluster-setup) - type: string - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - hpa: - description: HPA defines kubernetes PodAutoScaling configuration - version 2. - type: object - x-kubernetes-preserve-unknown-fields: true - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - insertPorts: - description: InsertPorts - additional listen ports for data ingestion. - properties: - graphitePort: - description: GraphitePort listen port - type: string - influxPort: - description: InfluxPort listen port - type: string - openTSDBHTTPPort: - description: OpenTSDBHTTPPort for http connections. - type: string - openTSDBPort: - description: OpenTSDBPort for tcp and udp listen - type: string - type: object - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VMInsert to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VMInsert to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VMInsert pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vminsert - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vminsert service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: UpdateStrategy - overrides default update strategy. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - vmselect: - description: VMSelect defines configuration section for vmselect components - of the victoria-metrics cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - cacheMountPath: - description: |- - CacheMountPath allows to add cache persistent for VMSelect, - will use "/cache" as default if not specified. - type: string - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for StatefulSet - items: - description: PersistentVolumeClaim is a user's request for and - claim to a persistent volume - type: object - type: array - clusterNativeListenPort: - description: |- - ClusterNativePort for multi-level cluster setup. - More [details](https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#multi-level-cluster-setup) - type: string - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - hpa: - description: |- - Configures horizontal pod autoscaling. - Note, enabling this option disables vmselect to vmselect communication. In most cases it's not an issue. - type: object - x-kubernetes-preserve-unknown-fields: true - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VMSelect to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VMSelect to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolume: - description: |- - Storage - add persistent volume for cacheMountPath - its useful for persistent cache - use storage instead of persistentVolume. - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VMSelect pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdateStrategy: - description: |- - RollingUpdateStrategy defines strategy for application updates - Default is OnDelete, in this case operator handles update process - Can be changed for RollingUpdate - type: string - rollingUpdateStrategyBehavior: - description: |- - RollingUpdateStrategyBehavior defines customized behavior for rolling updates. - It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - MaxUnavailable defines the maximum number of pods that can be unavailable during the update. - It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). - For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vmselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: |- - StorageSpec - add persistent volume claim for cacheMountPath - its needed for persistent cache - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: EmbeddedMetadata contains metadata relevant - to an EmbeddedResource. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - Spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes - to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to - the PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - Status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC.\nKey - names follow standard Kubernetes label syntax. Valid - values are either:\n\t* Un-prefixed keys:\n\t\t- - storage - the capacity of the volume.\n\t* Custom - resources must use implementation-defined prefixed - names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or - have kubernetes.io prefix are considered\nreserved - and hence may not be used.\n\nClaimResourceStatus - can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller - with a terminal error.\n\t- NodeResizePending:\n\t\tState - set when resize controller has finished resizing - the volume but further resizing of\n\t\tvolume is - needed on the node.\n\t- NodeResizeInProgress:\n\t\tState - set when kubelet starts resizing the volume.\n\t- - NodeResizeFailed:\n\t\tState set when resizing has - failed in kubelet with a terminal error. Transient - errors don't set\n\t\tNodeResizeFailed.\nFor example: - if expanding a PVC for more capacity - this field - can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, - it means that no resize operation is in progress - for the given PVC.\n\nA controller that receives - PVC update with previously unknown resourceName - or ClaimResourceStatus\nshould ignore the update - for the purpose it was designed. For example - a - controller that\nonly is responsible for resizing - capacity of the volume, should ignore PVC updates - that change other valid\nresources associated with - PVC.\n\nThis is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources - allocated to a PVC including its capacity.\nKey - names follow standard Kubernetes label syntax. Valid - values are either:\n\t* Un-prefixed keys:\n\t\t- - storage - the capacity of the volume.\n\t* Custom - resources must use implementation-defined prefixed - names such as \"example.com/my-custom-resource\"\nApart - from above values - keys that are unprefixed or - have kubernetes.io prefix are considered\nreserved - and hence may not be used.\n\nCapacity reported - here may be larger than the actual capacity when - a volume expansion operation\nis requested.\nFor - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used.\nIf allocatedResources - is not set, PVC.spec.resources alone is used for - quota calculation.\nIf a volume expansion capacity - request is lowered, allocatedResources is only\nlowered - if there are no expansion operations in progress - and if the actual volume capacity\nis equal or lower - than the requested capacity.\n\nA controller that - receives PVC update with previously unknown resourceName\nshould - ignore the update for the purpose it was designed. - For example - a controller that\nonly is responsible - for resizing capacity of the volume, should ignore - PVC updates that change other valid\nresources associated - with PVC.\n\nThis is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains - details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed - the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time - the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, - such as\n the specified VolumeAttributesClass - not existing.\n - InProgress\n InProgress - indicates that the volume is being modified.\n - - Infeasible\n Infeasible indicates that the - request has been rejected as invalid by the - CSI driver. To\n\t resolve the error, a valid - VolumeAttributesClass needs to be specified.\nNote: - New statuses can be added in the future. Consumers - should check for unknown statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is - the name of the VolumeAttributesClass the PVC - currently being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of - PersistentVolumeClaim. - type: string - type: object - type: object - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - vmstorage: - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for StatefulSet - items: - description: PersistentVolumeClaim is a user's request for and - claim to a persistent volume - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VMStorage to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VMStorage to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - maintenanceInsertNodeIDs: - description: |- - MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. - lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. - Useful at storage expanding, when you want to rebalance some data at cluster. - items: - format: int32 - type: integer - type: array - maintenanceSelectNodeIDs: - description: MaintenanceInsertNodeIDs - excludes given node ids - from select requests routing, must contain pod suffixes - for - pod-0, id will be 0 and etc. - items: - format: int32 - type: integer - type: array - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VMStorage pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdateStrategy: - description: |- - RollingUpdateStrategy defines strategy for application updates - Default is OnDelete, in this case operator handles update process - Can be changed for RollingUpdate - type: string - rollingUpdateStrategyBehavior: - description: |- - RollingUpdateStrategyBehavior defines customized behavior for rolling updates. - It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - MaxUnavailable defines the maximum number of pods that can be unavailable during the update. - It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). - For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmstorage - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be create additional service - for vmstorage - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: |- - Storage - add persistent volume for StorageDataPath - its useful for persistent cache - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - storageDataPath: - description: StorageDataPath - path to storage data - type: string - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - vmBackup: - description: VMBackup configuration for backup - properties: - acceptEULA: - description: |- - AcceptEULA accepts enterprise feature usage, must be set to true. - otherwise backupmanager cannot be added to single/cluster version. - https://victoriametrics.com/legal/esa/ - Deprecated: use license.key or license.keyRef instead - type: boolean - concurrency: - description: Defines number of concurrent workers. Higher - concurrency may reduce backup duration (default 10) - format: int32 - type: integer - credentialsSecret: - description: |- - CredentialsSecret is secret in the same namespace for access to remote storage - The secret is mounted into /etc/vm/creds. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - customS3Endpoint: - description: Custom S3 endpoint for use with S3-compatible - storages (e.g. MinIO). S3 is used if not set - type: string - destination: - description: Defines destination for backup - type: string - destinationDisableSuffixAdd: - description: |- - DestinationDisableSuffixAdd - disables suffix adding for cluster version backups - each vmstorage backup must have unique backup folder - so operator adds POD_NAME as suffix for backup destination folder. - type: boolean - disableDaily: - description: Defines if daily backups disabled (default false) - type: boolean - disableHourly: - description: Defines if hourly backups disabled (default false) - type: boolean - disableMonthly: - description: Defines if monthly backups disabled (default - false) - type: boolean - disableWeekly: - description: Defines if weekly backups disabled (default false) - type: boolean - extraArgs: - additionalProperties: - type: string - description: extra args like maxBytesPerSecond default 0 - type: object - extraEnvs: - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: Image - docker image settings for VMBackuper - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image - + it's repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - logFormat: - description: |- - LogFormat for VMBackup to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VMBackup to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - port: - description: Port for health check connections - type: string - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - restore: - description: |- - Restore Allows to enable restore options for pod - Read [more](https://docs.victoriametrics.com/victoriametrics/vmbackupmanager/#restore-commands) - properties: - onStart: - description: OnStart defines configuration for restore - on pod start - properties: - enabled: - description: Enabled defines if restore on start enabled - type: boolean - type: object - type: object - snapshotCreateURL: - description: SnapshotCreateURL overwrites url for snapshot - create - type: string - snapshotDeleteURL: - description: SnapShotDeleteURL overwrites url for snapshot - delete - type: string - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. - VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, - that are generated as a result of StorageSpec objects. - items: - description: VolumeMount describes a mounting of a Volume - within a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - type: object - vmInsertPort: - description: VMInsertPort for VMInsert connections - type: string - vmSelectPort: - description: VMSelectPort for VMSelect connections - type: string - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object type: object + x-kubernetes-preserve-unknown-fields: true status: description: VMClusterStatus defines the observed state of VMCluster properties: @@ -28414,792 +1661,8 @@ spec: type: object spec: description: VMNodeScrapeSpec defines specification for VMNodeScrape. - properties: - authorization: - description: Authorization with http header Authorization - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over basic - authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: |- - Secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the scrape object and accessible by - the victoria-metrics operator. - nullable: true - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - follow_redirects: - description: FollowRedirects controls redirects for scraping. - type: boolean - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether vmagent respects the - timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - jobLabel: - description: The label to use to retrieve the job name from. - type: string - max_scrape_size: - description: MaxScrapeSize defines a maximum size of scraped data - for a job - type: string - metricRelabelConfigs: - description: MetricRelabelConfigs to apply to samples after scrapping. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 client - id - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - port: - description: Name of the port exposed at Node. - type: string - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes to - proxy through this endpoint. - type: string - relabelConfigs: - description: RelabelConfigs to apply to samples during service discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - scheme: - description: HTTP scheme to use for scraping. - enum: - - http - - https - - HTTPS - - HTTP - type: string - scrape_interval: - description: |- - ScrapeInterval is the same as Interval and has priority over it. - one of scrape_interval or interval can be used - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - selector: - description: Selector to select kubernetes Nodes. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targetLabels: - description: TargetLabels transfers labels on the Kubernetes Node - onto the target. - items: - type: string - type: array - tlsConfig: - description: TLSConfig configuration to use when scraping the endpoint - properties: - ca: - description: Struct containing the CA cert to use for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for the - targets. - type: string - cert: - description: Struct containing the client cert file for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container for - the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container for - the targets. - type: string - keySecret: - description: Secret containing the client key file for the targets. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - vm_scrape_params: - description: VMScrapeParams defines VictoriaMetrics specific scrape - parameters - properties: - disable_compression: - description: DisableCompression - type: boolean - disable_keep_alive: - description: |- - disable_keepalive allows disabling HTTP keep-alive when scraping targets. - By default, HTTP keep-alive is enabled, so TCP connections to scrape targets - could be reused. - See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements - type: boolean - headers: - description: |- - Headers allows sending custom headers to scrape targets - must be in of semicolon separated header with it's value - eg: - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - no_stale_markers: - type: boolean - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - scrape_align_interval: - type: string - scrape_offset: - type: string - stream_parse: - type: boolean - type: object type: object + x-kubernetes-preserve-unknown-fields: true status: description: ScrapeObjectStatus defines the observed state of ScrapeObjects properties: @@ -29337,880 +1800,10 @@ spec: type: object spec: description: VMPodScrapeSpec defines the desired state of VMPodScrape - properties: - attach_metadata: - description: AttachMetadata configures metadata attaching from service - discovery - properties: - node: - description: |- - Node instructs vmagent to add node specific metadata from service discovery - Valid for roles: pod, endpoints, endpointslice. - type: boolean - type: object - jobLabel: - description: The label to use to retrieve the job name from. - type: string - namespaceSelector: - description: Selector to select which namespaces the Endpoints objects - are discovered from. - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - podMetricsEndpoints: - description: A list of endpoints allowed as part of this PodMonitor. - items: - description: PodMetricsEndpoint defines a scrapeable endpoint of - a Kubernetes Pod serving metrics. - properties: - attach_metadata: - description: AttachMetadata configures metadata attaching from - service discovery - properties: - node: - description: |- - Node instructs vmagent to add node specific metadata from service discovery - Valid for roles: pod, endpoints, endpointslice. - type: boolean - type: object - authorization: - description: Authorization with http header Authorization - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: |- - Secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the scrape object and accessible by - the victoria-metrics operator. - nullable: true - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - filterRunning: - description: |- - FilterRunning applies filter with pod status == running - it prevents from scrapping metrics at failed or succeed state pods. - enabled by default - type: boolean - follow_redirects: - description: FollowRedirects controls redirects for scraping. - type: boolean - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether vmagent respects - the timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - max_scrape_size: - description: MaxScrapeSize defines a maximum size of scraped - data for a job - type: string - metricRelabelConfigs: - description: MetricRelabelConfigs to apply to samples after - scrapping. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - port: - description: Name of the port exposed at Pod. - type: string - portNumber: - description: PortNumber defines the `Pod` port number which - exposes the endpoint. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - relabelConfigs: - description: RelabelConfigs to apply to samples during service - discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number - of scraped samples that will be accepted. - format: int64 - type: integer - scheme: - description: HTTP scheme to use for scraping. - enum: - - http - - https - - HTTPS - - HTTP - type: string - scrape_interval: - description: |- - ScrapeInterval is the same as Interval and has priority over it. - one of scrape_interval or interval can be used - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targetPort: - anyOf: - - type: integer - - type: string - description: |- - TargetPort defines name or number of the pod port this endpoint refers to. - Mutually exclusive with Port and PortNumber. - x-kubernetes-int-or-string: true - tlsConfig: - description: TLSConfig configuration to use when scraping the - endpoint - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - vm_scrape_params: - description: VMScrapeParams defines VictoriaMetrics specific - scrape parameters - properties: - disable_compression: - description: DisableCompression - type: boolean - disable_keep_alive: - description: |- - disable_keepalive allows disabling HTTP keep-alive when scraping targets. - By default, HTTP keep-alive is enabled, so TCP connections to scrape targets - could be reused. - See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements - type: boolean - headers: - description: |- - Headers allows sending custom headers to scrape targets - must be in of semicolon separated header with it's value - eg: - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - no_stale_markers: - type: boolean - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - scrape_align_interval: - type: string - scrape_offset: - type: string - stream_parse: - type: boolean - type: object - type: object - type: array - podTargetLabels: - description: PodTargetLabels transfers labels on the Kubernetes Pod - onto the target. - items: - type: string - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - selector: - description: Selector to select Pod objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer required: - podMetricsEndpoints type: object + x-kubernetes-preserve-unknown-fields: true status: description: ScrapeObjectStatus defines the observed state of ScrapeObjects properties: @@ -30333,951 +1926,25 @@ spec: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: VMProbeSpec contains specification parameters for a Probe. - properties: - authorization: - description: Authorization with http header Authorization - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over basic - authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: |- - Secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the scrape object and accessible by - the victoria-metrics operator. - nullable: true - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - follow_redirects: - description: FollowRedirects controls redirects for scraping. - type: boolean - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether vmagent respects the - timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - jobName: - description: The job name assigned to scraped metrics by default. - type: string - max_scrape_size: - description: MaxScrapeSize defines a maximum size of scraped data - for a job - type: string - metricRelabelConfigs: - description: MetricRelabelConfigs to apply to samples after scrapping. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - module: - description: |- - The module to use for probing specifying how to probe the target. - Example module configuring in the blackbox exporter: - https://github.com/prometheus/blackbox_exporter/blob/master/example.yml - type: string - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 client - id - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes to - proxy through this endpoint. - type: string - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - scheme: - description: HTTP scheme to use for scraping. - enum: - - http - - https - - HTTPS - - HTTP - type: string - scrape_interval: - description: |- - ScrapeInterval is the same as Interval and has priority over it. - one of scrape_interval or interval can be used - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targets: - description: Targets defines a set of static and/or dynamically discovered - targets to be probed using the prober. - properties: - ingress: - description: Ingress defines the set of dynamically discovered - ingress objects which hosts are considered for probing. - properties: - namespaceSelector: - description: Select Ingress objects by namespace. - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - relabelingConfigs: - description: RelabelConfigs to apply to samples during service - discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for - `action: graphite`' - type: object - match: - description: 'Match is used together with Labels for - `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - selector: - description: Select Ingress objects by labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: object - staticConfig: - description: StaticConfig defines static targets which are considers - for probing. - properties: - labels: - additionalProperties: - type: string - description: Labels assigned to all metrics scraped from the - targets. - type: object - relabelingConfigs: - description: RelabelConfigs to apply to samples during service - discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for - `action: graphite`' - type: object - match: - description: 'Match is used together with Labels for - `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - targets: - description: Targets is a list of URLs to probe using the - configured prober. - items: - type: string - type: array - required: - - targets - type: object - type: object - tlsConfig: - description: TLSConfig configuration to use when scraping the endpoint - properties: - ca: - description: Struct containing the CA cert to use for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for the - targets. - type: string - cert: - description: Struct containing the client cert file for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container for - the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container for - the targets. - type: string - keySecret: - description: Secret containing the client key file for the targets. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - vm_scrape_params: - description: VMScrapeParams defines VictoriaMetrics specific scrape - parameters - properties: - disable_compression: - description: DisableCompression - type: boolean - disable_keep_alive: - description: |- - disable_keepalive allows disabling HTTP keep-alive when scraping targets. - By default, HTTP keep-alive is enabled, so TCP connections to scrape targets - could be reused. - See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements - type: boolean - headers: - description: |- - Headers allows sending custom headers to scrape targets - must be in of semicolon separated header with it's value - eg: - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - no_stale_markers: - type: boolean - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - scrape_align_interval: - type: string - scrape_offset: - type: string - stream_parse: - type: boolean - type: object - vmProberSpec: - description: |- - Specification for the prober to use for probing targets. - The prober.URL parameter is required. Targets cannot be probed if left empty. - properties: - path: - description: |- - Path to collect metrics from. - Defaults to `/probe`. - type: string - scheme: - description: |- - HTTP scheme to use for scraping. - Defaults to `http`. - enum: - - http - - https - type: string - url: - description: Mandatory URL of the prober. - type: string - required: - - url - type: object + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMProbeSpec contains specification parameters for a Probe. required: - vmProberSpec type: object + x-kubernetes-preserve-unknown-fields: true status: description: ScrapeObjectStatus defines the observed state of ScrapeObjects properties: @@ -31414,160 +2081,10 @@ spec: type: object spec: description: VMRuleSpec defines the desired state of VMRule - properties: - groups: - description: Groups list of group rules - items: - description: RuleGroup is a list of sequentially evaluated recording - and alerting rules. - properties: - concurrency: - description: Concurrency defines how many rules execute at once. - type: integer - eval_alignment: - description: |- - Optional - The evaluation timestamp will be aligned with group's interval, - instead of using the actual timestamp that evaluation happens at. - It is enabled by default to get more predictable results - and to visually align with graphs plotted via Grafana or vmui. - type: boolean - eval_delay: - description: |- - Optional - Adjust the `time` parameter of group evaluation requests to compensate intentional query delay from the datasource. - type: string - eval_offset: - description: |- - Optional - Group will be evaluated at the exact offset in the range of [0...interval]. - type: string - extra_filter_labels: - additionalProperties: - type: string - description: |- - ExtraFilterLabels optional list of label filters applied to every rule's - request within a group. Is compatible only with VM datasource. - See more details [here](https://docs.victoriametrics.com/victoriametrics/#prometheus-querying-api-enhancements) - Deprecated: use params instead - type: object - headers: - description: |- - Headers contains optional HTTP headers added to each rule request - Must be in form `header-name: value` - For example: - headers: - - "CustomHeader: foo" - - "CustomHeader2: bar" - items: - type: string - type: array - interval: - description: evaluation interval for group - type: string - labels: - additionalProperties: - type: string - description: |- - Labels optional list of labels added to every rule within a group. - It has priority over the external labels. - Labels are commonly used for adding environment - or tenant-specific tag. - type: object - limit: - description: |- - Limit the number of alerts an alerting rule and series a recording - rule can produce - type: integer - name: - description: Name of group - type: string - notifier_headers: - description: |- - NotifierHeaders contains optional HTTP headers added to each alert request which will send to notifier - Must be in form `header-name: value` - For example: - headers: - - "CustomHeader: foo" - - "CustomHeader2: bar" - items: - type: string - type: array - params: - additionalProperties: - items: - type: string - type: array - description: Params optional HTTP URL parameters added to each - rule request - type: object - rules: - description: Rules list of alert rules - items: - description: Rule describes an alerting or recording rule. - properties: - alert: - description: Alert is a name for alert - type: string - annotations: - additionalProperties: - type: string - description: Annotations will be added to rule configuration - type: object - debug: - description: |- - Debug enables logging for rule - it useful for tracking - type: boolean - expr: - description: Expr is query, that will be evaluated at - dataSource - type: string - for: - description: |- - For evaluation interval in time.Duration format - 30s, 1m, 1h or nanoseconds - type: string - keep_firing_for: - description: |- - KeepFiringFor will make alert continue firing for this long - even when the alerting expression no longer has results. - Use time.Duration format, 30s, 1m, 1h or nanoseconds - type: string - labels: - additionalProperties: - type: string - description: Labels will be added to rule configuration - type: object - record: - description: Record represents a query, that will be recorded - to dataSource - type: string - update_entries_limit: - description: |- - UpdateEntriesLimit defines max number of rule's state updates stored in memory. - Overrides `-rule.updateEntriesLimit` in vmalert. - type: integer - type: object - type: array - tenant: - description: |- - Tenant id for group, can be used only with enterprise version of vmalert. - See more details [here](https://docs.victoriametrics.com/victoriametrics/vmalert/#multitenancy). - type: string - type: - description: |- - Type defines datasource type for enterprise version of vmalert - possible values - prometheus,graphite,vlogs - type: string - required: - - name - - rules - type: object - type: array required: - groups type: object + x-kubernetes-preserve-unknown-fields: true status: description: VMRuleStatus defines the observed state of VMRule properties: @@ -31678,3207 +2195,35 @@ spec: name: Status type: string - jsonPath: .status.reason - name: Sync Error - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: VMScrapeConfig specifies a set of targets and parameters describing - how to scrape them. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: VMScrapeConfigSpec defines the desired state of VMScrapeConfig - properties: - authorization: - description: Authorization with http header Authorization - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - azureSDConfigs: - description: AzureSDConfigs defines a list of Azure service discovery - configurations. - items: - description: |- - AzureSDConfig allow retrieving scrape targets from Azure VMs. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#azure_sd_configs) - properties: - authenticationMethod: - description: |- - # The authentication method, either OAuth or ManagedIdentity. - See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview - enum: - - OAuth - - ManagedIdentity - type: string - clientID: - description: Optional client ID. Only required with the OAuth - authentication method. - type: string - clientSecret: - description: Optional client secret. Only required with the - OAuth authentication method. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - environment: - description: The Azure environment. - type: string - port: - description: |- - The port to scrape metrics from. If using the public IP address, this must - instead be specified in the relabeling rule. - type: integer - resourceGroup: - description: Optional resource group name. Limits discovery - to this resource group. - type: string - subscriptionID: - description: The subscription ID. Always required. - minLength: 1 - type: string - tenantID: - description: Optional tenant ID. Only required with the OAuth - authentication method. - type: string - required: - - subscriptionID - type: object - type: array - basicAuth: - description: BasicAuth allow an endpoint to authenticate over basic - authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: |- - Secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the scrape object and accessible by - the victoria-metrics operator. - nullable: true - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - consulSDConfigs: - description: ConsulSDConfigs defines a list of Consul service discovery - configurations. - items: - description: |- - ConsulSDConfig defines a Consul service discovery configuration. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#consul_sd_configs) - properties: - allowStale: - description: |- - Allow stale Consul results (see https://developer.hashicorp.com/consul/api-docs/features/consistency ). Will reduce load on Consul. - If unset, use its default value. - type: boolean - authorization: - description: Authorization header to use on every scrape request. - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth information to use on every scrape request. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - datacenter: - description: Consul Datacenter name, if not provided it will - use the local Consul Agent Datacenter. - type: string - filter: - description: |- - Filter defines filter for /v1/catalog/services requests - See https://developer.hashicorp.com/consul/api-docs/features/filtering - type: string - followRedirects: - description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. - If unset, use its default value. - type: boolean - namespace: - description: Namespaces are only supported in Consul Enterprise. - type: string - nodeMeta: - additionalProperties: - type: string - description: Node metadata key/value pairs to filter nodes for - a given service. - type: object - x-kubernetes-map-type: atomic - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - partition: - description: Admin Partitions are only supported in Consul Enterprise. - type: string - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - scheme: - description: HTTP Scheme default "http" - enum: - - HTTP - - HTTPS - type: string - server: - description: A valid string consisting of a hostname or IP followed - by an optional port number. - minLength: 1 - type: string - services: - description: A list of services for which targets are retrieved. - If omitted, all services are scraped. - items: - type: string - type: array - x-kubernetes-list-type: atomic - tagSeparator: - description: |- - The string by which Consul tags are joined into the tag label. - If unset, use its default value. - type: string - tags: - description: An optional list of tags used to filter nodes for - a given service. Services must contain all tags in the list. - items: - type: string - type: array - x-kubernetes-list-type: atomic - tlsConfig: - description: TLS configuration to use on every scrape request - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - tokenRef: - description: Consul ACL TokenRef, if not provided it will use - the ACL from the local Consul Agent. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - required: - - server - type: object - type: array - digitalOceanSDConfigs: - description: DigitalOceanSDConfigs defines a list of DigitalOcean - service discovery configurations. - items: - description: |- - DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean's Droplets API. - This service discovery uses the public IPv4 address by default, by that can be changed with relabeling. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#digitalocean_sd_configs) - properties: - authorization: - description: Authorization header to use on every scrape request. - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. - type: boolean - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - port: - description: The port to scrape metrics from. - type: integer - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - tlsConfig: - description: TLS configuration to use on every scrape request - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - type: object - type: array - dnsSDConfigs: - description: DNSSDConfigs defines a list of DNS service discovery - configurations. - items: - description: |- - DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. - The DNS servers to be contacted are read from /etc/resolv.conf. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#dns_sd_configs) - properties: - names: - description: A list of DNS domain names to be queried. - items: - type: string - minItems: 1 - type: array - port: - description: |- - The port number used if the query type is not SRV - Ignored for SRV records - type: integer - type: - enum: - - SRV - - A - - AAAA - - MX - type: string - required: - - names - type: object - type: array - ec2SDConfigs: - description: EC2SDConfigs defines a list of EC2 service discovery - configurations. - items: - description: |- - EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. - The private IP address is used by default, but may be changed to the public IP address with relabeling. - The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#ec2_sd_configs) - properties: - accessKey: - description: AccessKey is the AWS API key. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - filters: - description: |- - Filters can be used optionally to filter the instance list by other criteria. - Available filter criteria can be found here: - https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html - Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html - items: - description: EC2Filter is the configuration for filtering - EC2 instances. - properties: - name: - type: string - values: - items: - type: string - type: array - required: - - name - - values - type: object - type: array - port: - description: |- - The port to scrape metrics from. If using the public IP address, this must - instead be specified in the relabeling rule. - type: integer - region: - description: The AWS region - type: string - roleARN: - description: AWS Role ARN, an alternative to using AWS API keys. - type: string - secretKey: - description: SecretKey is the AWS API secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - type: array - fileSDConfigs: - description: FileSDConfigs defines a list of file service discovery - configurations. - items: - description: |- - FileSDConfig defines a file service discovery configuration. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#file_sd_configs) - properties: - files: - description: List of files to be used for file discovery. - items: - type: string - minItems: 1 - type: array - required: - - files - type: object - type: array - follow_redirects: - description: FollowRedirects controls redirects for scraping. - type: boolean - gceSDConfigs: - description: GCESDConfigs defines a list of GCE service discovery - configurations. - items: - description: |- - GCESDConfig configures scrape targets from GCP GCE instances. - The private IP address is used by default, but may be changed to - the public IP address with relabeling. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#gce_sd_configs) - - The GCE service discovery will load the Google Cloud credentials - from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. - See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform - properties: - filter: - description: |- - Filter can be used optionally to filter the instance list by other criteria - Syntax of this filter is described in the filter query parameter section: - https://cloud.google.com/compute/docs/reference/latest/instances/list - type: string - port: - description: |- - The port to scrape metrics from. If using the public IP address, this must - instead be specified in the relabeling rule. - type: integer - project: - description: The Google Cloud Project ID - minLength: 1 - type: string - tagSeparator: - description: The tag separator is used to separate the tags - on concatenation - type: string - zone: - description: The zone of the scrape targets. If you need multiple - zones use multiple GCESDConfigs. - x-kubernetes-preserve-unknown-fields: true - required: - - project - - zone - type: object - type: array - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether vmagent respects the - timestamps present in scraped data. - type: boolean - httpSDConfigs: - description: HTTPSDConfigs defines a list of HTTP service discovery - configurations. - items: - description: |- - HTTPSDConfig defines a HTTP service discovery configuration. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#http_sd_configs) - properties: - authorization: - description: Authorization header to use on every scrape request. - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth information to use on every scrape request. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - tlsConfig: - description: TLS configuration to use on every scrape request - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - url: - description: URL from which the targets are fetched. - minLength: 1 - pattern: ^http(s)?://.+$ - type: string - required: - - url - type: object - type: array - interval: - description: Interval at which metrics should be scraped - type: string - kubernetesSDConfigs: - description: KubernetesSDConfigs defines a list of Kubernetes service - discovery configurations. - items: - description: |- - KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#kubernetes_sd_configs) - properties: - apiServer: - description: |- - The API server address consisting of a hostname or IP address followed - by an optional port number. - If left empty, assuming process is running inside - of the cluster. It will discover API servers automatically and use the pod's - CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. - type: string - attach_metadata: - description: AttachMetadata configures metadata attaching from - service discovery - properties: - node: - description: |- - Node instructs vmagent to add node specific metadata from service discovery - Valid for roles: pod, endpoints, endpointslice. - type: boolean - type: object - authorization: - description: Authorization header to use on every scrape request. - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth information to use on every scrape request. - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. - type: boolean - namespaces: - description: Optional namespace discovery. If omitted, discover - targets across all namespaces. - properties: - names: - description: |- - List of namespaces where to watch for resources. - If empty and `ownNamespace` isn't true, watch for resources in all namespaces. - items: - type: string - type: array - ownNamespace: - description: Includes the namespace in which the pod exists - to the list of watched namespaces. - type: boolean - type: object - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See [feature description](https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy) - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - role: - description: Role of the Kubernetes entities that should be - discovered. - type: string - selectors: - description: Selector to select objects. - items: - description: K8SSelectorConfig is Kubernetes Selector Config - properties: - field: - type: string - label: - type: string - role: - type: string - required: - - role - type: object - type: array - x-kubernetes-list-map-keys: - - role - x-kubernetes-list-type: map - tlsConfig: - description: TLS configuration to use on every scrape request - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - required: - - role - type: object - type: array - max_scrape_size: - description: MaxScrapeSize defines a maximum size of scraped data - for a job - type: string - metricRelabelConfigs: - description: MetricRelabelConfigs to apply to samples after scrapping. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 client - id - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - openstackSDConfigs: - description: OpenStackSDConfigs defines a list of OpenStack service - discovery configurations. - items: - description: |- - OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#openstack_sd_configs) - properties: - allTenants: - description: |- - Whether the service discovery should list all instances for all projects. - It is only relevant for the 'instance' role and usually requires admin permissions. - type: boolean - applicationCredentialId: - description: ApplicationCredentialID - type: string - applicationCredentialName: - description: |- - The ApplicationCredentialID or ApplicationCredentialName fields are - required if using an application credential to authenticate. Some providers - allow you to create an application credential to authenticate rather than a - password. - type: string - applicationCredentialSecret: - description: |- - The applicationCredentialSecret field is required if using an application - credential to authenticate. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - availability: - description: Availability of the endpoint to connect to. - enum: - - Public - - public - - Admin - - admin - - Internal - - internal - type: string - domainID: - description: DomainID - type: string - domainName: - description: |- - At most one of domainId and domainName must be provided if using username - with Identity V3. Otherwise, either are optional. - type: string - identityEndpoint: - description: |- - IdentityEndpoint specifies the HTTP endpoint that is required to work with - the Identity API of the appropriate version. - type: string - password: - description: |- - Password for the Identity V2 and V3 APIs. Consult with your provider's - control panel to discover your account's preferred method of authentication. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - port: - description: |- - The port to scrape metrics from. If using the public IP address, this must - instead be specified in the relabeling rule. - type: integer - projectID: - description: ' ProjectID' - type: string - projectName: - description: |- - The ProjectId and ProjectName fields are optional for the Identity V2 API. - Some providers allow you to specify a ProjectName instead of the ProjectId. - Some require both. Your provider's authentication policies will determine - how these fields influence authentication. - type: string - region: - description: The OpenStack Region. - minLength: 1 - type: string - role: - description: The OpenStack role of entities that should be discovered. - enum: - - Instance - - instance - - Hypervisor - - hypervisor - type: string - tlsConfig: - description: TLS configuration to use on every scrape request - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - userid: - description: UserID - type: string - username: - description: |- - Username is required if using Identity V2 API. Consult with your provider's - control panel to discover your account's username. - In Identity V3, either userid or a combination of username - and domainId or domainName are needed - type: string - required: - - region - - role - type: object - type: array - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes to - proxy through this endpoint. - type: string - relabelConfigs: - description: RelabelConfigs to apply to samples during service discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. Default - is 'replace' - type: string - if: - description: 'If represents metricsQL match expression (or list - of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source label - values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - scheme: - description: HTTP scheme to use for scraping. - enum: - - http - - https - - HTTPS - - HTTP - type: string - scrape_interval: - description: |- - ScrapeInterval is the same as Interval and has priority over it. - one of scrape_interval or interval can be used - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - staticConfigs: - description: StaticConfigs defines a list of static targets with a - common label set. - items: - description: |- - StaticConfig defines a static configuration. - See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#static_configs) - properties: - labels: - additionalProperties: - type: string - description: Labels assigned to all metrics scraped from the - targets. - type: object - x-kubernetes-map-type: atomic - targets: - description: List of targets for this static configuration. - items: - type: string - type: array - type: object - type: array - tlsConfig: - description: TLSConfig configuration to use when scraping the endpoint - properties: - ca: - description: Struct containing the CA cert to use for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for the - targets. - type: string - cert: - description: Struct containing the client cert file for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container for - the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container for - the targets. - type: string - keySecret: - description: Secret containing the client key file for the targets. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - vm_scrape_params: - description: VMScrapeParams defines VictoriaMetrics specific scrape - parameters - properties: - disable_compression: - description: DisableCompression - type: boolean - disable_keep_alive: - description: |- - disable_keepalive allows disabling HTTP keep-alive when scraping targets. - By default, HTTP keep-alive is enabled, so TCP connections to scrape targets - could be reused. - See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements - type: boolean - headers: - description: |- - Headers allows sending custom headers to scrape targets - must be in of semicolon separated header with it's value - eg: - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - no_stale_markers: - type: boolean - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - scrape_align_interval: - type: string - scrape_offset: - type: string - stream_parse: - type: boolean - type: object + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMScrapeConfig specifies a set of targets and parameters describing + how to scrape them. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: type: object + spec: + description: VMScrapeConfigSpec defines the desired state of VMScrapeConfig + type: object + x-kubernetes-preserve-unknown-fields: true status: description: ScrapeObjectStatus defines the observed state of ScrapeObjects properties: @@ -35017,885 +2362,10 @@ spec: type: object spec: description: VMServiceScrapeSpec defines the desired state of VMServiceScrape - properties: - attach_metadata: - description: AttachMetadata configures metadata attaching from service - discovery - properties: - node: - description: |- - Node instructs vmagent to add node specific metadata from service discovery - Valid for roles: pod, endpoints, endpointslice. - type: boolean - type: object - discoveryRole: - description: |- - DiscoveryRole - defines kubernetes_sd role for objects discovery. - by default, its endpoints. - can be changed to service or endpointslices. - note, that with service setting, you have to use port: "name" - and cannot use targetPort for endpoints. - enum: - - endpoints - - service - - endpointslices - type: string - endpoints: - description: A list of endpoints allowed as part of this ServiceScrape. - items: - description: Endpoint defines a scrapeable endpoint serving metrics. - properties: - attach_metadata: - description: AttachMetadata configures metadata attaching from - service discovery - properties: - node: - description: |- - Node instructs vmagent to add node specific metadata from service discovery - Valid for roles: pod, endpoints, endpointslice. - type: boolean - type: object - authorization: - description: Authorization with http header Authorization - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: |- - Secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the scrape object and accessible by - the victoria-metrics operator. - nullable: true - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - follow_redirects: - description: FollowRedirects controls redirects for scraping. - type: boolean - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether vmagent respects - the timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - max_scrape_size: - description: MaxScrapeSize defines a maximum size of scraped - data for a job - type: string - metricRelabelConfigs: - description: MetricRelabelConfigs to apply to samples after - scrapping. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - port: - description: Name of the port exposed at Service. - type: string - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - relabelConfigs: - description: RelabelConfigs to apply to samples during service - discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number - of scraped samples that will be accepted. - format: int64 - type: integer - scheme: - description: HTTP scheme to use for scraping. - enum: - - http - - https - - HTTPS - - HTTP - type: string - scrape_interval: - description: |- - ScrapeInterval is the same as Interval and has priority over it. - one of scrape_interval or interval can be used - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targetPort: - anyOf: - - type: integer - - type: string - description: |- - TargetPort - Name or number of the pod port this endpoint refers to. Mutually exclusive with port. - x-kubernetes-int-or-string: true - tlsConfig: - description: TLSConfig configuration to use when scraping the - endpoint - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - vm_scrape_params: - description: VMScrapeParams defines VictoriaMetrics specific - scrape parameters - properties: - disable_compression: - description: DisableCompression - type: boolean - disable_keep_alive: - description: |- - disable_keepalive allows disabling HTTP keep-alive when scraping targets. - By default, HTTP keep-alive is enabled, so TCP connections to scrape targets - could be reused. - See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements - type: boolean - headers: - description: |- - Headers allows sending custom headers to scrape targets - must be in of semicolon separated header with it's value - eg: - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - no_stale_markers: - type: boolean - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - scrape_align_interval: - type: string - scrape_offset: - type: string - stream_parse: - type: boolean - type: object - type: object - type: array - jobLabel: - description: The label to use to retrieve the job name from. - type: string - namespaceSelector: - description: Selector to select which namespaces the Endpoints objects - are discovered from. - properties: - any: - description: |- - Boolean describing whether all namespaces are selected in contrast to a - list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - podTargetLabels: - description: PodTargetLabels transfers labels on the Kubernetes Pod - onto the target. - items: - type: string - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - selector: - description: Selector to select Endpoints objects by corresponding - Service labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targetLabels: - description: TargetLabels transfers labels on the Kubernetes Service - onto the target. - items: - type: string - type: array required: - endpoints type: object + x-kubernetes-preserve-unknown-fields: true status: description: ScrapeObjectStatus defines the observed state of ScrapeObjects properties: @@ -36030,1768 +2500,8 @@ spec: type: object spec: description: VMSingleSpec defines the desired state of VMSingle - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - insertPorts: - description: InsertPorts - additional listen ports for data ingestion. - properties: - graphitePort: - description: GraphitePort listen port - type: string - influxPort: - description: InfluxPort listen port - type: string - openTSDBHTTPPort: - description: OpenTSDBHTTPPort for http connections. - type: string - openTSDBPort: - description: OpenTSDBPort for tcp and udp listen - type: string - type: object - license: - description: |- - License allows to configure license key to be used for enterprise features. - Using license key is supported starting from VictoriaMetrics v1.94.0. - See [here](https://docs.victoriametrics.com/victoriametrics/enterprise/) - properties: - forceOffline: - description: Enforce offline verification of the license key. - type: boolean - key: - description: |- - Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/victoriametrics/enterprise/). - To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) - type: string - keyRef: - description: KeyRef is reference to secret with license key for - enterprise features. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - reloadInterval: - description: Interval to be used for checking for license key - changes. Note that this is only applicable when using KeyRef. - type: string - type: object - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VMSingle to be configured with. - enum: - - default - - json - type: string - logLevel: - description: LogLevel for victoria metrics single to be configured - with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the VMSingle pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - removePvcAfterDelete: - description: |- - RemovePvcAfterDelete - if true, controller adds ownership to pvc - and after VMSingle object deletion - pvc will be garbage collected - by controller manager - type: boolean - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - retentionPeriod: - description: |- - RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). - Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. - The default value is 1 (one month). - See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vmsingle VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vmsingle service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: |- - Storage is the definition of how storage will be used by the VMSingle - by default it`s empty dir - this option is ignored if storageDataPath is set - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the PersistentVolume - backing this claim. - type: string - type: object - storageDataPath: - description: |- - StorageDataPath disables spec.storage option and overrides arg for victoria-metrics binary --storageDataPath, - its users responsibility to mount proper device into given path. - It requires to provide spec.volumes and spec.volumeMounts with at least 1 value - type: string - storageMetadata: - description: StorageMeta defines annotations and labels attached to - PVC for given vmsingle CR - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - streamAggrConfig: - description: StreamAggrConfig defines stream aggregation configuration - for VMSingle - properties: - configmap: - description: ConfigMap with stream aggregation rules - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - dedupInterval: - description: Allows setting different de-duplication intervals - per each configured remote storage - type: string - dropInput: - description: Allow drop all the input samples after the aggregation - type: boolean - dropInputLabels: - description: labels to drop from samples for aggregator before - stream de-duplication and aggregation - items: - type: string - type: array - enableWindows: - description: EnableWindows enables aggregating data in separate - windows ( available from v0.54.0). - type: boolean - ignoreFirstIntervals: - description: IgnoreFirstIntervals instructs to ignore first interval - type: integer - ignoreFirstSampleInterval: - description: IgnoreFirstSampleInterval sets interval for total - and prometheus_total during which first samples will be ignored - type: string - ignoreOldSamples: - description: IgnoreOldSamples instructs to ignore samples with - old timestamps outside the current aggregation interval. - type: boolean - keepInput: - description: Allows writing both raw and aggregate data - type: boolean - rules: - description: Stream aggregation rules - items: - description: StreamAggrRule defines the rule in stream aggregation - config - properties: - by: - description: |- - By is an optional list of labels for grouping input series. - - See also Without. - - If neither By nor Without are set, then the Outputs are calculated - individually per each input time series. - items: - type: string - type: array - dedup_interval: - description: DedupInterval is an optional interval for deduplication. - type: string - drop_input_labels: - description: |- - DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. - - Labels are dropped before de-duplication and aggregation. - items: - type: string - type: array - enable_windows: - description: EnableWindows enables aggregating data in separate - windows - type: boolean - flush_on_shutdown: - description: |- - FlushOnShutdown defines whether to flush the aggregation state on process termination - or config reload. Is `false` by default. - It is not recommended changing this setting, unless unfinished aggregations states - are preferred to missing data points. - type: boolean - ignore_first_intervals: - type: integer - ignore_old_samples: - description: IgnoreOldSamples instructs to ignore samples - with old timestamps outside the current aggregation interval. - type: boolean - ignoreFirstSampleInterval: - description: IgnoreFirstSampleInterval sets interval for - total and prometheus_total during which first samples - will be ignored - type: string - input_relabel_configs: - description: |- - InputRelabelConfigs is an optional relabeling rules, which are applied on the input - before aggregation. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for - `action: graphite`' - type: object - match: - description: 'Match is used together with Labels for - `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated - source label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - interval: - description: Interval is the interval between aggregations. - type: string - keep_metric_names: - description: KeepMetricNames instructs to leave metric names - as is for the output time series without adding any suffix. - type: boolean - match: - description: |- - Match is a label selector (or list of label selectors) for filtering time series for the given selector. - - If the match isn't set, then all the input time series are processed. - x-kubernetes-preserve-unknown-fields: true - no_align_flush_to_interval: - description: |- - NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. - By default flushes are aligned to Interval. - type: boolean - output_relabel_configs: - description: |- - OutputRelabelConfigs is an optional relabeling rules, which are applied - on the aggregated output before being sent to remote storage. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for - `action: graphite`' - type: object - match: - description: 'Match is used together with Labels for - `action: graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated - source label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - outputs: - description: |- - Outputs is a list of output aggregate functions to produce. - - The following names are allowed: - - - total - aggregates input counters - - increase - counts the increase over input counters - - count_series - counts the input series - - count_samples - counts the input samples - - sum_samples - sums the input samples - - last - the last biggest sample value - - min - the minimum sample value - - max - the maximum sample value - - avg - the average value across all the samples - - stddev - standard deviation across all the samples - - stdvar - standard variance across all the samples - - histogram_bucket - creates VictoriaMetrics histogram for input samples - - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] - - The output time series will have the following names: - - input_name:aggr__ - items: - type: string - type: array - staleness_interval: - description: |- - Staleness interval is interval after which the series state will be reset if no samples have been sent during it. - The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. - type: string - without: - description: |- - Without is an optional list of labels, which must be excluded when grouping input series. - - See also By. - - If neither By nor Without are set, then the Outputs are calculated - individually per each input time series. - items: - type: string - type: array - required: - - interval - - outputs - type: object - type: array - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - vmBackup: - description: VMBackup configuration for backup - properties: - acceptEULA: - description: |- - AcceptEULA accepts enterprise feature usage, must be set to true. - otherwise backupmanager cannot be added to single/cluster version. - https://victoriametrics.com/legal/esa/ - Deprecated: use license.key or license.keyRef instead - type: boolean - concurrency: - description: Defines number of concurrent workers. Higher concurrency - may reduce backup duration (default 10) - format: int32 - type: integer - credentialsSecret: - description: |- - CredentialsSecret is secret in the same namespace for access to remote storage - The secret is mounted into /etc/vm/creds. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - customS3Endpoint: - description: Custom S3 endpoint for use with S3-compatible storages - (e.g. MinIO). S3 is used if not set - type: string - destination: - description: Defines destination for backup - type: string - destinationDisableSuffixAdd: - description: |- - DestinationDisableSuffixAdd - disables suffix adding for cluster version backups - each vmstorage backup must have unique backup folder - so operator adds POD_NAME as suffix for backup destination folder. - type: boolean - disableDaily: - description: Defines if daily backups disabled (default false) - type: boolean - disableHourly: - description: Defines if hourly backups disabled (default false) - type: boolean - disableMonthly: - description: Defines if monthly backups disabled (default false) - type: boolean - disableWeekly: - description: Defines if weekly backups disabled (default false) - type: boolean - extraArgs: - additionalProperties: - type: string - description: extra args like maxBytesPerSecond default 0 - type: object - extraEnvs: - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: Image - docker image settings for VMBackuper - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - logFormat: - description: |- - LogFormat for VMBackup to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VMBackup to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - port: - description: Port for health check connections - type: string - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - restore: - description: |- - Restore Allows to enable restore options for pod - Read [more](https://docs.victoriametrics.com/victoriametrics/vmbackupmanager/#restore-commands) - properties: - onStart: - description: OnStart defines configuration for restore on - pod start - properties: - enabled: - description: Enabled defines if restore on start enabled - type: boolean - type: object - type: object - snapshotCreateURL: - description: SnapshotCreateURL overwrites url for snapshot create - type: string - snapshotDeleteURL: - description: SnapShotDeleteURL overwrites url for snapshot delete - type: string - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. - VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, - that are generated as a result of StorageSpec objects. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - type: object - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array type: object + x-kubernetes-preserve-unknown-fields: true status: description: VMSingleStatus defines the observed state of VMSingle properties: @@ -37921,790 +2631,19 @@ spec: kind: description: |- Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: VMStaticScrapeSpec defines the desired state of VMStaticScrape. - properties: - jobName: - description: JobName name of job. - type: string - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targetEndpoints: - description: A list of target endpoints to scrape metrics from. - items: - description: TargetEndpoint defines single static target endpoint. - properties: - authorization: - description: Authorization with http header Authorization - properties: - credentials: - description: Reference to the secret with value for authorization - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - credentialsFile: - description: File with value for authorization - type: string - type: - description: Type of authorization, default to bearer - type: string - type: object - basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: |- - Secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the scrape object and accessible by - the victoria-metrics operator. - nullable: true - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - follow_redirects: - description: FollowRedirects controls redirects for scraping. - type: boolean - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether vmagent respects - the timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - labels: - additionalProperties: - type: string - description: Labels static labels for targets. - type: object - max_scrape_size: - description: MaxScrapeSize defines a maximum size of scraped - data for a job - type: string - metricRelabelConfigs: - description: MetricRelabelConfigs to apply to samples after - scrapping. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - oauth2: - description: OAuth2 defines auth configuration - properties: - client_id: - description: The secret or configmap containing the OAuth2 - client id - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - client_secret: - description: The secret containing the OAuth2 client secret - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - client_secret_file: - description: ClientSecretFile defines path for client secret - file. - type: string - endpoint_params: - additionalProperties: - type: string - description: Parameters to append to the token URL - type: object - proxy_url: - description: |- - The proxy URL for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - type: string - scopes: - description: OAuth2 scopes used for the token request - items: - type: string - type: array - tls_config: - description: |- - TLSConfig for token_url connection - ( available from v0.55.0). - Is only supported by Scrape objects family - x-kubernetes-preserve-unknown-fields: true - token_url: - description: The URL to fetch the token from - minLength: 1 - type: string - required: - - client_id - - token_url - type: object - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - proxyURL: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - relabelConfigs: - description: RelabelConfigs to apply to samples during service - discovery. - items: - description: |- - RelabelConfig allows dynamic rewriting of the label set - More info: https://docs.victoriametrics.com/victoriametrics/#relabeling - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - if: - description: 'If represents metricsQL match expression - (or list of expressions): ''{__name__=~"foo_.*"}''' - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: 'Labels is used together with Match for `action: - graphite`' - type: object - match: - description: 'Match is used together with Labels for `action: - graphite`' - type: string - modulus: - description: Modulus to take of the hash of the source - label values. - format: int64 - type: integer - regex: - description: |- - Regular expression against which the extracted value is matched. Default is '(.*)' - victoriaMetrics supports multiline regex joined with | - https://docs.victoriametrics.com/victoriametrics/vmagent/#relabeling-enhancements - x-kubernetes-preserve-unknown-fields: true - replacement: - description: |- - Replacement value against which a regex replace is performed if the - regular expression matches. Regex capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - source_labels: - description: |- - UnderScoreSourceLabels - additional form of source labels source_labels - for compatibility with original relabel config. - if set both sourceLabels and source_labels, sourceLabels has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - items: - type: string - type: array - sourceLabels: - description: |- - The source labels select values from existing labels. Their content is concatenated - using the configured separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - target_label: - description: |- - UnderScoreTargetLabel - additional form of target label - target_label - for compatibility with original relabel config. - if set both targetLabel and target_label, targetLabel has priority. - for details https://github.com/VictoriaMetrics/operator/issues/131 - type: string - targetLabel: - description: |- - Label to which the resulting value is written in a replace action. - It is mandatory for replace actions. Regex capture groups are available. - type: string - type: object - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number - of scraped samples that will be accepted. - format: int64 - type: integer - scheme: - description: HTTP scheme to use for scraping. - enum: - - http - - https - - HTTPS - - HTTP - type: string - scrape_interval: - description: |- - ScrapeInterval is the same as Interval and has priority over it. - one of scrape_interval or interval can be used - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - seriesLimit: - description: |- - SeriesLimit defines per-scrape limit on number of unique time series - a single target can expose during all the scrapes on the time window of 24h. - format: int64 - type: integer - targets: - description: Targets static targets addresses in form of ["192.122.55.55:9100","some-name:9100"]. - items: - type: string - minItems: 1 - type: array - tlsConfig: - description: TLSConfig configuration to use when scraping the - endpoint - properties: - ca: - description: Struct containing the CA cert to use for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use - for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container - for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - vm_scrape_params: - description: VMScrapeParams defines VictoriaMetrics specific - scrape parameters - properties: - disable_compression: - description: DisableCompression - type: boolean - disable_keep_alive: - description: |- - disable_keepalive allows disabling HTTP keep-alive when scraping targets. - By default, HTTP keep-alive is enabled, so TCP connections to scrape targets - could be reused. - See https://docs.victoriametrics.com/victoriametrics/vmagent/#scrape_config-enhancements - type: boolean - headers: - description: |- - Headers allows sending custom headers to scrape targets - must be in of semicolon separated header with it's value - eg: - headerName: headerValue - vmagent supports since 1.79.0 version - items: - type: string - type: array - no_stale_markers: - type: boolean - proxy_client_config: - description: |- - ProxyClientConfig configures proxy auth settings for scraping - See feature description https://docs.victoriametrics.com/victoriametrics/vmagent/#scraping-targets-via-a-proxy - properties: - basic_auth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication - properties: - password: - description: |- - Password defines reference for secret with password value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - password_file: - description: |- - PasswordFile defines path to password file at disk - must be pre-mounted - type: string - username: - description: |- - Username defines reference for secret with username value - The secret needs to be in the same namespace as scrape object - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - bearer_token: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - bearer_token_file: - type: string - tls_config: - x-kubernetes-preserve-unknown-fields: true - type: object - scrape_align_interval: - type: string - scrape_offset: - type: string - stream_parse: - type: boolean - type: object - required: - - targets - type: object - type: array + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMStaticScrapeSpec defines the desired state of VMStaticScrape. required: - targetEndpoints type: object + x-kubernetes-preserve-unknown-fields: true status: description: ScrapeObjectStatus defines the observed state of ScrapeObjects properties: @@ -38839,517 +2778,10 @@ spec: type: object spec: description: VMUserSpec defines the desired state of VMUser - properties: - bearerToken: - description: BearerToken Authorization header value for accessing - protected endpoint. - type: string - default_url: - description: |- - DefaultURLs backend url for non-matching paths filter - usually used for default backend with error message - items: - type: string - type: array - disable_secret_creation: - description: DisableSecretCreation skips related secret creation for - vmuser - type: boolean - discover_backend_ips: - description: DiscoverBackendIPs instructs discovering URLPrefix backend - IPs via DNS. - type: boolean - drop_src_path_prefix_parts: - description: |- - DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. - type: integer - dump_request_on_errors: - description: |- - DumpRequestOnErrors instructs vmauth to return detailed request params to the client - if routing rules don't allow to forward request to the backends. - Useful for debugging `src_hosts` and `src_headers` based routing rules - - available since v1.107.0 vmauth version - type: boolean - generatePassword: - description: |- - GeneratePassword instructs operator to generate password for user - if spec.password if empty. - type: boolean - headers: - description: |- - Headers represent additional http headers, that vmauth uses - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.68.0 version of vmauth - items: - type: string - type: array - ip_filters: - description: |- - IPFilters defines per target src ip filters - supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) - properties: - allow_list: - items: - type: string - type: array - deny_list: - items: - type: string - type: array - type: object - load_balancing_policy: - description: |- - LoadBalancingPolicy defines load balancing policy to use for backend urls. - Supported policies: least_loaded, first_available. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") - enum: - - least_loaded - - first_available - type: string - max_concurrent_requests: - description: |- - MaxConcurrentRequests defines max concurrent requests per user - 300 is default value for vmauth - type: integer - metric_labels: - additionalProperties: - type: string - description: MetricLabels - additional labels for metrics exported - by vmauth for given user. - type: object - name: - description: Name of the VMUser object. - type: string - password: - description: Password basic auth password for accessing protected - endpoint. - type: string - passwordRef: - description: PasswordRef allows fetching password from user-create - secret by its name and key. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - response_headers: - description: |- - ResponseHeaders represent additional http headers, that vmauth adds for request response - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.93.0 version of vmauth - items: - type: string - type: array - retry_status_codes: - description: |- - RetryStatusCodes defines http status codes in numeric format for request retries - e.g. [429,503] - items: - type: integer - type: array - targetRefs: - description: TargetRefs - reference to endpoints, which user may access. - items: - description: |- - TargetRef describes target for user traffic forwarding. - one of target types can be chosen: - crd or static per targetRef. - user can define multiple targetRefs with different ref Types. - properties: - crd: - description: |- - CRD describes exist operator's CRD object, - operator generates access url based on CRD params. - properties: - kind: - description: |- - Kind one of: - VMAgent,VMAlert, VMSingle, VMCluster/vmselect, VMCluster/vmstorage,VMCluster/vminsert,VMAlertManager, VLSingle, VLCluster/vlinsert, VLCluster/vlselect, VLCluster/vlstorage, VTSingle, VTCluster/vtinsert, VTCluster/vtselect, VTCluster/vtstorage and VLAgent - enum: - - VMAgent - - VMAlert - - VMSingle - - VLogs - - VMAlertManager - - VMAlertmanager - - VMCluster/vmselect - - VMCluster/vmstorage - - VMCluster/vminsert - - VLSingle - - VLCluster/vlinsert - - VLCluster/vlselect - - VLCluster/vlstorage - - VLAgent - - VTCluster/vtinsert - - VTCluster/vtselect - - VTCluster/vtstorage - - VTSingle - type: string - name: - description: Name target CRD object name - type: string - namespace: - description: Namespace target CRD object namespace. - type: string - required: - - kind - - name - - namespace - type: object - discover_backend_ips: - description: DiscoverBackendIPs instructs discovering URLPrefix - backend IPs via DNS. - type: boolean - drop_src_path_prefix_parts: - description: |- - DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. - type: integer - headers: - description: |- - RequestHeaders represent additional http headers, that vmauth uses - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.68.0 version of vmauth - items: - type: string - type: array - hosts: - items: - type: string - type: array - load_balancing_policy: - description: |- - LoadBalancingPolicy defines load balancing policy to use for backend urls. - Supported policies: least_loaded, first_available. - See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") - enum: - - least_loaded - - first_available - type: string - paths: - description: Paths - matched path to route. - items: - type: string - type: array - response_headers: - description: |- - ResponseHeaders represent additional http headers, that vmauth adds for request response - in form of ["header_key: header_value"] - multiple values for header key: - ["header_key: value1,value2"] - it's available since 1.93.0 version of vmauth - items: - type: string - type: array - retry_status_codes: - description: |- - RetryStatusCodes defines http status codes in numeric format for request retries - Can be defined per target or at VMUser.spec level - e.g. [429,503] - items: - type: integer - type: array - src_headers: - description: SrcHeaders is an optional list of headers, which - must match request headers. - items: - type: string - type: array - src_query_args: - description: SrcQueryArgs is an optional list of query args, - which must match request URL query args. - items: - type: string - type: array - static: - description: |- - Static - user defined url for traffic forward, - for instance http://vmsingle:8428 - properties: - url: - description: URL http url for given staticRef. - type: string - urls: - description: URLs allows setting multiple urls for load-balancing - at vmauth-side. - items: - type: string - type: array - type: object - target_path_suffix: - description: |- - TargetPathSuffix allows to add some suffix to the target path - It allows to hide tenant configuration from user with crd as ref. - it also may contain any url encoded params. - type: string - targetRefBasicAuth: - description: TargetRefBasicAuth allow an target endpoint to - authenticate over basic authentication - properties: - password: - description: |- - The secret in the service scrape namespace that contains the password - for authentication. - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - username: - description: |- - The secret in the service scrape namespace that contains the username - for authentication. - It must be at them same namespace as CRD - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - required: - - password - - username - type: object - type: object - type: array - tlsConfig: - description: TLSConfig defines tls configuration for the backend connection - properties: - ca: - description: Struct containing the CA cert to use for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - caFile: - description: Path to the CA cert in the container to use for the - targets. - type: string - cert: - description: Struct containing the client cert file for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the targets. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - certFile: - description: Path to the client cert file in the container for - the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the container for - the targets. - type: string - keySecret: - description: Secret containing the client key file for the targets. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - tokenRef: - description: TokenRef allows fetching token from user-created secrets - by its name and key. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - username: - description: |- - UserName basic auth user name for accessing protected endpoint, - will be replaced with metadata.name of VMUser if omitted. - type: string required: - targetRefs type: object + x-kubernetes-preserve-unknown-fields: true status: description: VMUserStatus defines the observed state of VMUser properties: @@ -39494,2470 +2926,8 @@ spec: type: object spec: description: VTClusterSpec defines the desired state of VTCluster - properties: - clusterDomainName: - description: |- - ClusterDomainName defines domain name suffix for in-cluster dns addresses - aka .cluster.local - used by vtinsert and vtselect to build vtstorage address - type: string - clusterVersion: - description: |- - ClusterVersion defines default images tag for all components. - it can be overwritten with component specific image.tag value. - type: string - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - insert: - description: VTInsert defines vtinsert component configuration at - victoria-traces cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - hpa: - description: Configures horizontal pod autoscaling. - type: object - x-kubernetes-preserve-unknown-fields: true - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VTSelect to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VTSelect to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VTSelect pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vtselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vtselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: UpdateStrategy - overrides default update strategy. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - requestsLoadBalancer: - description: |- - RequestsLoadBalancer configures load-balancing for vtinsert and vtselect requests. - It helps to evenly spread load across pods. - Usually it's not possible with Kubernetes TCP-based services. - properties: - disableInsertBalancing: - type: boolean - disableSelectBalancing: - type: boolean - enabled: - type: boolean - spec: - description: |- - VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer - for VMCluster component - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - select: - description: VTSelect defines vtselect component configuration at - victoria-traces cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - hpa: - description: Configures horizontal pod autoscaling. - type: object - x-kubernetes-preserve-unknown-fields: true - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VTSelect to be configured with. - default or json - enum: - - default - - json - type: string - logLevel: - description: LogLevel for VTSelect to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VTSelect pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdate: - description: RollingUpdate - overrides deployment update params. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of - pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. - Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed - 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. - Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vtselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vtselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - updateStrategy: - description: UpdateStrategy - overrides default update strategy. - enum: - - Recreate - - RollingUpdate - type: string - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - serviceAccountName: - description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the - VTSelect, VTInsert and VTStorage Pods. - type: string - storage: - description: VTStorage defines vtstorage component configuration at - victoria-traces cluster - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - claimTemplates: - description: ClaimTemplates allows adding additional VolumeClaimTemplates - for StatefulSet - items: - description: PersistentVolumeClaim is a user's request for and - claim to a persistent volume - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application - container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - futureRetention: - description: |- - FutureRetention for the stored traces - Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion - see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the - node network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's - repository if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to - run within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: |- - LogFormat for VTStorage to be configured with. - default or json - enum: - - default - - json - type: string - logIngestedRows: - description: |- - Whether to log all the ingested log entries; this can be useful for debugging of data ingestion - see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - type: boolean - logLevel: - description: LogLevel for VTStorage to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - logNewStreams: - description: |- - LogNewStreams Whether to log creation of new streams; this can be useful for debugging of high cardinality issues with log streams - see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - type: boolean - maintenanceInsertNodeIDs: - description: |- - MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. - lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. - Useful at storage expanding, when you want to rebalance some data at cluster. - items: - format: int32 - type: integer - type: array - maintenanceSelectNodeIDs: - description: MaintenanceInsertNodeIDs - excludes given node ids - from select requests routing, must contain pod suffixes - for - pod-0, id will be 0 and etc. - items: - format: int32 - type: integer - type: array - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - persistentVolumeClaimRetentionPolicy: - description: PersistentVolumeClaimRetentionPolicy allows configuration - of PVC retention policy - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - podDisruptionBudget: - description: PodDisruptionBudget created by operator - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at most "maxUnavailable" pods selected by - "selector" are unavailable after the eviction, i.e. even in absence of - the evicted pod. For example, one can prevent all voluntary evictions - by specifying 0. This is a mutually exclusive setting with "minAvailable". - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - description: |- - An eviction is allowed if at least "minAvailable" pods selected by - "selector" will still be available after the eviction, i.e. even in the - absence of the evicted pod. So for example you can prevent all voluntary - evictions by specifying "100%". - x-kubernetes-int-or-string: true - selectorLabels: - additionalProperties: - type: string - description: |- - replaces default labels selector generated by operator - it's useful when you need to create custom budget - type: object - type: object - podMetadata: - description: PodMetadata configures Labels and Annotations which - are propagated to the VTStorage pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod - condition - properties: - conditionType: - description: ConditionType refers to a condition in the - pod's condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - retentionMaxDiskSpaceUsageBytes: - description: |- - RetentionMaxDiskSpaceUsageBytes for the stored traces - VictoriaTraces keeps at least two last days of data in order to guarantee that the traces for the last day can be returned in queries. - This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, - if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. - https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - type: string - retentionPeriod: - description: |- - RetentionPeriod for the stored traces - https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - rollingUpdateStrategy: - description: |- - RollingUpdateStrategy defines strategy for application updates - Default is OnDelete, in this case operator handles update process - Can be changed for RollingUpdate - type: string - rollingUpdateStrategyBehavior: - description: |- - RollingUpdateStrategyBehavior defines customized behavior for rolling updates. - It applies if the RollingUpdateStrategy is set to OnDelete, which is the default. - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - MaxUnavailable defines the maximum number of pods that can be unavailable during the update. - It can be specified as an absolute number (e.g. 2) or a percentage of the total pods (e.g. "50%"). - For example, if set to 100%, all pods will be upgraded at once, minimizing downtime when needed. - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vtselect - VMServiceScrape spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vtselect service - spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for - additional service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: Storage configures persistent volume for VTStorage - properties: - disableMountSubPath: - description: |- - Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. - DisableMountSubPath allows to remove any subPath usage in volume mounts. - type: boolean - emptyDir: - description: |- - EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More - info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - properties: - medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. - Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the StatefulSets/Deployments. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - storageDataPath: - description: StorageDataPath - path to storage data - type: string - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container - graceful termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean type: object + x-kubernetes-preserve-unknown-fields: true status: description: VTClusterStatus defines the observed state of VTCluster properties: @@ -42092,971 +3062,8 @@ spec: type: object spec: description: VTSingleSpec defines the desired state of VTSingle - properties: - affinity: - description: Affinity If specified, the pod's scheduling constraints. - type: object - x-kubernetes-preserve-unknown-fields: true - configMaps: - description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/configs/CONFIGMAP_NAME folder - items: - type: string - type: array - containers: - description: |- - Containers property allows to inject additions sidecars or to patch existing containers. - It can be useful for proxies, backup, etc. - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - disableAutomountServiceAccountToken: - description: |- - DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). - Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. - For example, vmagent and vm-config-reloader requires k8s API access. - Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. - And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. - type: boolean - disableSelfServiceScrape: - description: |- - DisableSelfServiceScrape controls creation of VMServiceScrape by operator - for the application. - Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable - type: boolean - dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. - items: - x-kubernetes-preserve-unknown-fields: true - properties: - nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. - items: - description: PodDNSConfigOption defines DNS resolver options - of a pod. - properties: - name: - description: |- - Name is this DNS resolver option's name. - Required. - type: string - value: - description: Value is this DNS resolver option's value. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - dnsPolicy: - description: DNSPolicy sets DNS policy for the pod - type: string - extraArgs: - additionalProperties: - type: string - description: |- - ExtraArgs that will be passed to the application container - for example remoteWrite.tmpDataPath: /tmp - type: object - extraEnvs: - description: ExtraEnvs that will be passed to the application container - items: - description: EnvVar represents an environment variable present in - a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - extraEnvsFrom: - description: |- - ExtraEnvsFrom defines source of env variables for the application container - could either be secret or configmap - items: - description: EnvFromSource represents the source of a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in - the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - futureRetention: - description: |- - FutureRetention for the stored traces - Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; - see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - pattern: ^[0-9]+(h|d|y)?$ - type: string - host_aliases: - description: |- - HostAliasesUnderScore provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - Has Priority over hostAliases field - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostAliases: - description: |- - HostAliases provides mapping for ip and hostname, - that would be propagated to pod, - cannot be used with HostNetwork. - items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. - properties: - hostnames: - description: Hostnames for the above IP address. - items: - type: string - type: array - x-kubernetes-list-type: atomic - ip: - description: IP address of the host file entry. - type: string - required: - - ip - type: object - type: array - hostNetwork: - description: HostNetwork controls whether the pod may use the node - network namespace - type: boolean - image: - description: |- - Image - docker image settings - if no specified operator uses default version from operator config - properties: - pullPolicy: - description: PullPolicy describes how to pull docker image - type: string - repository: - description: Repository contains name of docker image + it's repository - if needed - type: string - tag: - description: Tag contains desired docker image version - type: string - type: object - imagePullSecrets: - description: |- - ImagePullSecrets An optional list of references to secrets in the same namespace - to use for pulling images from registries - see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - type: array - initContainers: - description: |- - InitContainers allows adding initContainers to the pod definition. - Any errors during the execution of an initContainer will lead to a restart of the Pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - items: - description: A single application container that you want to run - within a pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - livenessProbe: - description: LivenessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - logFormat: - description: LogFormat for VTSingle to be configured with. - enum: - - default - - json - type: string - logIngestedRows: - description: |- - Whether to log all the ingested log entries; this can be useful for debugging of data ingestion; - see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - type: boolean - logLevel: - description: LogLevel for VictoriaTraces to be configured with. - enum: - - INFO - - WARN - - ERROR - - FATAL - - PANIC - type: string - logNewStreams: - description: |- - LogNewStreams Whether to log creation of new streams; this can be useful for debugging of high cardinality issues with log streams; - see https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - type: boolean - managedMetadata: - description: |- - ManagedMetadata defines metadata that will be added to the all objects - created by operator for the given CustomResource - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - type: object - minReadySeconds: - description: |- - MinReadySeconds defines a minimum number of seconds to wait before starting update next pod - if previous in healthy state - Has no effect for VLogs and VMSingle - format: int32 - type: integer - nodeSelector: - additionalProperties: - type: string - description: NodeSelector Define which Nodes the Pods are scheduled - on. - type: object - paused: - description: |- - Paused If set to true all actions on the underlying managed objects are not - going to be performed, except for delete actions. - type: boolean - podMetadata: - description: PodMetadata configures Labels and Annotations which are - propagated to the VTSingle pods. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - port: - description: Port listen address - type: string - priorityClassName: - description: PriorityClassName class assigned to the Pods - type: string - readinessGates: - description: ReadinessGates defines pod readiness gates - items: - description: PodReadinessGate contains the reference to a pod condition - properties: - conditionType: - description: ConditionType refers to a condition in the pod's - condition list with matching type. - type: string - required: - - conditionType - type: object - type: array - readinessProbe: - description: ReadinessProbe that will be added CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - replicaCount: - description: ReplicaCount is the expected size of the Application. - format: int32 - type: integer - resources: - description: |- - Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - if not defined default resources from operator config will be used - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - request: - description: |- - Request is the name chosen for a request in the referenced claim. - If empty, everything from the claim is made available, otherwise - only the result of this request. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - retentionMaxDiskSpaceUsageBytes: - description: |- - RetentionMaxDiskSpaceUsageBytes for the stored traces - VictoriaTraces keeps at least two last days of data in order to guarantee that the traces for the last day can be returned in queries. - This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, - if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. - https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - type: string - retentionPeriod: - description: |- - RetentionPeriod for the stored traces - https://docs.victoriametrics.com/victoriatraces/#configure-and-run-victoriatraces - pattern: ^[0-9]+(h|d|w|y)?$ - type: string - revisionHistoryLimitCount: - description: |- - The number of old ReplicaSets to retain to allow rollback in deployment or - maximum number of revisions that will be maintained in the Deployment revision history. - Has no effect at StatefulSets - Defaults to 10. - format: int32 - type: integer - runtimeClassName: - description: |- - RuntimeClassName - defines runtime class for kubernetes pod. - https://kubernetes.io/docs/concepts/containers/runtime-class/ - type: string - schedulerName: - description: SchedulerName - defines kubernetes scheduler name - type: string - secrets: - description: |- - Secrets is a list of Secrets in the same namespace as the Application - object, which shall be mounted into the Application container - at /etc/vm/secrets/SECRET_NAME folder - items: - type: string - type: array - securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - This defaults to the default PodSecurityContext. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the pods - type: string - serviceScrapeSpec: - description: ServiceScrapeSpec that will be added to vtsingle VMServiceScrape - spec - required: - - endpoints - type: object - x-kubernetes-preserve-unknown-fields: true - serviceSpec: - description: ServiceSpec that will be added to vtsingle service spec - properties: - metadata: - description: EmbeddedObjectMetadata defines objectMeta for additional - service. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - spec: - description: |- - ServiceSpec describes the attributes that a user creates on a service. - More info: https://kubernetes.io/docs/concepts/services-networking/service/ - type: object - x-kubernetes-preserve-unknown-fields: true - useAsDefault: - description: |- - UseAsDefault applies changes from given service definition to the main object Service - Changing from headless service to clusterIP or loadbalancer may break cross-component communication - type: boolean - required: - - spec - type: object - startupProbe: - description: StartupProbe that will be added to CRD pod - type: object - x-kubernetes-preserve-unknown-fields: true - storage: - description: |- - Storage is the definition of how storage will be used by the VTSingle - by default it`s empty dir - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to the PersistentVolume - backing this claim. - type: string - type: object - storageDataPath: - description: |- - StorageDataPath disables spec.storage option and overrides arg for victoria-traces binary --storageDataPath, - its users responsibility to mount proper device into given path. - type: string - storageMetadata: - description: StorageMeta defines annotations and labels attached to - PVC for given vtsingle CR - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations - type: object - labels: - additionalProperties: - type: string - description: |- - Labels Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers - and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - type: object - name: - description: |- - Name must be unique within a namespace. Is required when creating resources, although - some resources may allow a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence and configuration - definition. - Cannot be updated. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - type: string - type: object - terminationGracePeriodSeconds: - description: TerminationGracePeriodSeconds period for container graceful - termination - format: int64 - type: integer - tolerations: - description: Tolerations If specified, the pod's tolerations. - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: |- - TopologySpreadConstraints embedded kubernetes pod configuration option, - controls how pods are spread across your cluster among failure-domains - such as regions, zones, nodes, and other user-defined topology domains - https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. - required: - - maxSkew - - topologyKey - - whenUnsatisfiable - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - useDefaultResources: - description: |- - UseDefaultResources controls resource settings - By default, operator sets built-in resource requirements - type: boolean - useStrictSecurity: - description: |- - UseStrictSecurity enables strict security mode for component - it restricts disk writes access - uses non-root user out of the box - drops not needed security permissions - type: boolean - volumeMounts: - description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. - VolumeMounts specified will be appended to other VolumeMounts in the Application container - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is used. - This field is beta in 1.10. - When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - (which defaults to None). - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly specifies whether read-only mounts should be handled - recursively. - - If ReadOnly is false, this field has no meaning and must be unspecified. - - If ReadOnly is true, and this field is set to Disabled, the mount is not made - recursively read-only. If this field is set to IfPossible, the mount is made - recursively read-only, if it is supported by the container runtime. If this - field is set to Enabled, the mount is made recursively read-only if it is - supported by the container runtime, otherwise the pod will not be started and - an error will be generated to indicate the reason. - - If this field is set to IfPossible or Enabled, MountPropagation must be set to - None (or be unspecified, which defaults to None). - - If this field is not specified, it is treated as an equivalent of Disabled. - type: string - subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). - type: string - subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: |- - Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. - Volumes specified will be appended to other volumes that are generated. - / +optional - items: - description: Volume represents a named volume in a pod that may - be accessed by any container in the pod. - required: - - name - type: object - x-kubernetes-preserve-unknown-fields: true - type: array type: object + x-kubernetes-preserve-unknown-fields: true status: description: VTSingleStatus defines the observed state of VTSingle properties: diff --git a/charts/victoria-metrics-operator/templates/cleanup.yaml b/charts/victoria-metrics-operator/templates/cleanup.yaml index 02f911afe..a1696190f 100644 --- a/charts/victoria-metrics-operator/templates/cleanup.yaml +++ b/charts/victoria-metrics-operator/templates/cleanup.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +{{- if .Values.crds.cleanup.enabled }} {{- $app := .Values.crds.cleanup }} {{- if empty ($app.image).tag }} {{- $tag := regexSplit "[+-]" .Capabilities.KubeVersion.Version -1 | first -}} @@ -36,9 +36,15 @@ spec: {{- if .Values.securityContext.enabled }} securityContext: {{ include "vm.securityContext" (dict "securityContext" .Values.securityContext "helm" .) | nindent 12 }} {{- end }} + {{- $names := default list }} + {{- $crds := .Files.Get "crd.yaml" | splitList "---" }} + {{- range $crds }} + {{- $crd := . | fromYaml }} + {{- $names = append $names $crd.spec.names.singular }} + {{- end }} args: - delete - - {{ (keys .Values.admissionWebhooks.enabledCRDValidation) | sortAlpha | join "," }} + - {{ $names | sortAlpha | join "," }} - --all - --ignore-not-found=true restartPolicy: OnFailure diff --git a/charts/victoria-metrics-operator/templates/crb.yaml b/charts/victoria-metrics-operator/templates/crb.yaml index 783270740..9bf378aba 100644 --- a/charts/victoria-metrics-operator/templates/crb.yaml +++ b/charts/victoria-metrics-operator/templates/crb.yaml @@ -21,7 +21,7 @@ roleRef: name: {{ $fullname }} apiGroup: rbac.authorization.k8s.io {{- end -}} -{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +{{- if .Values.crds.cleanup.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding diff --git a/charts/victoria-metrics-operator/templates/crd.yaml b/charts/victoria-metrics-operator/templates/crd.yaml index d5bf4b77d..d5cb31b62 100644 --- a/charts/victoria-metrics-operator/templates/crd.yaml +++ b/charts/victoria-metrics-operator/templates/crd.yaml @@ -8,9 +8,8 @@ {{- if and (not .Values.crds.plain) .Values.crds.enabled }} {{- $files := .Files }} {{- $crds := $files.Get "crd.yaml" | splitList "---" }} - {{- $labels := (include "vm.labels" $ctx) | fromYaml -}} {{- $annotations := mergeOverwrite ((include "vm-operator.crds.annotations" .) | fromYaml) .Values.crds.annotations -}} - {{- $extra := dict "metadata" (dict "annotations" $annotations "labels" $labels) -}} + {{- $extra := dict "metadata" (dict "annotations" $annotations) -}} {{- range $crds }} {{- $crd := merge (fromYaml .) $extra }} {{- range $attrKey, $attrValue := $crd }} diff --git a/charts/victoria-metrics-operator/templates/role.yaml b/charts/victoria-metrics-operator/templates/role.yaml index 97e0bf3d2..ab4497434 100644 --- a/charts/victoria-metrics-operator/templates/role.yaml +++ b/charts/victoria-metrics-operator/templates/role.yaml @@ -1,10 +1,10 @@ {{- $rules := default dict }} -{{- $fileContentsList := .Files.Get "crd.yaml" | splitList "---" }} +{{- $crds := .Files.Get "crd.yaml" | splitList "---" }} {{- $groups := dict }} -{{- range $fileContentsList }} - {{- $fileContents := . | fromYaml }} - {{- $group := $fileContents.spec.group }} - {{- $plural:= $fileContents.spec.names.plural }} +{{- range $crds }} + {{- $crd := . | fromYaml }} + {{- $group := $crd.spec.group }} + {{- $plural:= $crd.spec.names.plural }} {{- $resources := get $groups $group | default (list) }} {{- $resources = concat $resources (list $plural (printf "%s/finalizers" $plural) (printf "%s/status" $plural)) }} {{- $groups = set $groups $group $resources }} @@ -180,7 +180,7 @@ rules: {{ toYaml . }} {{- end }} {{- end }} -{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +{{- if .Values.crds.cleanup.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/charts/victoria-metrics-operator/templates/serviceaccount.yaml b/charts/victoria-metrics-operator/templates/serviceaccount.yaml index 59d26fba1..a73626f9d 100644 --- a/charts/victoria-metrics-operator/templates/serviceaccount.yaml +++ b/charts/victoria-metrics-operator/templates/serviceaccount.yaml @@ -15,7 +15,7 @@ metadata: {{- end }} automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} {{- end }} -{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +{{- if .Values.crds.cleanup.enabled }} --- apiVersion: v1 kind: ServiceAccount diff --git a/charts/victoria-metrics-operator/templates/webhook.yaml b/charts/victoria-metrics-operator/templates/webhook.yaml index 0718d376f..fe9eb79bb 100644 --- a/charts/victoria-metrics-operator/templates/webhook.yaml +++ b/charts/victoria-metrics-operator/templates/webhook.yaml @@ -7,7 +7,7 @@ {{- $certManager := .Values.admissionWebhooks.certManager }} {{- $files := .Files }} {{- $crds := $files.Get "crd.yaml" | splitList "---" }} -{{- $enabledHooks := .Values.admissionWebhooks.enabledCRDValidation }} +{{- $disabledFor := .Values.admissionWebhooks.disabledFor | default list }} --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration @@ -23,7 +23,7 @@ webhooks: {{- range $crds }} {{- $crd := fromYaml . }} {{- $name := $crd.spec.names.singular }} -{{- if index $enabledHooks $name }} +{{- if not (has $name $disabledFor) }} {{- range $version := $crd.spec.versions }} - clientConfig: service: @@ -46,7 +46,7 @@ webhooks: values: [{{ include "vm.name" $ }}] rules: - apiGroups: - - operator.victoriametrics.com + - {{ $crd.spec.group }} apiVersions: - {{ $version.name }} operations: diff --git a/charts/victoria-metrics-operator/values.yaml b/charts/victoria-metrics-operator/values.yaml index e7fe5f6dd..d3d16df1f 100644 --- a/charts/victoria-metrics-operator/values.yaml +++ b/charts/victoria-metrics-operator/values.yaml @@ -55,6 +55,109 @@ crds: requests: cpu: "100m" memory: "56Mi" + upgrade: + # -- Enables CRD upgrade job + enabled: false + # -- Adds `--force-conflics` argument to kubectl + forceConflicts: false + busybox: + image: + repository: busybox + tag: latest + pullPolicy: IfNotPresent + kubectl: + image: + repository: rancher/kubectl + # use image tag that matches k8s API version by default + tag: "" + pullPolicy: IfNotPresent + + # -- Extra settings for CRD upgrade job + env: [] + + # -- Upgrade job resources. + resources: {} + # limits: + # cpu: 120m + # memory: 320Mi + # requests: + # cpu: 80m + # memory: 120Mi + + # -- Additional upgrade job volumes + extraVolumes: [] + + # -- Additional upgrade job volume mounts + extraVolumeMounts: [] + + # -- Pod's node selector. Details are [here](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) + nodeSelector: {} + + # -- Upgrade job pod affinity + affinity: {} + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/e2e-az-name + # operator: In + # values: + # - e2e-az1 + # - e2e-az2 + + # -- Array of upgrade job tolerations object. Spec is [here](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) + tolerations: [] + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + + # -- Upgrade job Pod Topology Spread Constraints. Spec is [here](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # labelSelector: + # matchLabels: + # app: alertmanager + + # -- Labels to add to the upgrade job + labels: {} + + # -- Annotations to add to the upgrade job + annotations: {} + + # -- Labels to add to the upgrade job pod + podLabels: {} + + # -- Annotations to add to the upgrade job pod + podAnnotations: {} + + # -- Service account for upgrade CRD job to use. + serviceAccount: + create: true + name: "" + annotations: {} + labels: {} + automountServiceAccountToken: true + + # -- Container-specific security context configuration. Details are [here](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + + # -- Pod's security context. Details are [here](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) + podSecurityContext: + enabled: true + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault # -- Number of operator replicas replicaCount: 1 @@ -253,26 +356,11 @@ hostNetwork: false admissionWebhooks: # -- Enables validation webhook. enabled: true - enabledCRDValidation: - vmagent: true - vmalert: true - vmanomaly: true - vmsingle: true - vmauth: true - vmrule: true - vmalertmanagerconfig: true - vmalertmanager: true - vmcluster: true - vmuser: true - vlagent: true - vlogs: true - vlsingle: true - vlcluster: true - vmservicescrape: true - vmpodscrape: true - vmnodescrape: true - vmprobe: true - vmstaticscrape: true + # -- List of CRD names to disable validation for + disabledFor: [] + # - vmagent + # - vmsingle + # -- What to do in case, when operator not available to validate request. policy: Fail # -- Enables custom ca bundle, if you are not using cert-manager. In case of custom ca, you have to create secret - {chart-name}-validation with keys: tls.key, tls.crt, ca.crt