From 64ce7b718f4a4196164f7b238be7ff7831388629 Mon Sep 17 00:00:00 2001 From: Mario Fernandez Date: Tue, 16 Sep 2025 10:52:30 +0200 Subject: [PATCH 1/5] add prometheusK8sConfig API Signed-off-by: Mario Fernandez --- .../ClusterMonitoringConfig.yaml | 421 +++++++ config/v1alpha1/types_cluster_monitoring.go | 292 +++++ ...clustermonitoring-CustomNoUpgrade.crd.yaml | 1079 +++++++++++++++++ ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 1079 +++++++++++++++++ ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 1079 +++++++++++++++++ config/v1alpha1/zz_generated.deepcopy.go | 284 +++++ .../ClusterMonitoringConfig.yaml | 1079 +++++++++++++++++ .../zz_generated.swagger_doc_generated.go | 86 ++ .../generated_openapi/zz_generated.openapi.go | 480 +++++++- openapi/openapi.json | 254 ++++ ...clustermonitoring-CustomNoUpgrade.crd.yaml | 1079 +++++++++++++++++ ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 1079 +++++++++++++++++ ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 1079 +++++++++++++++++ 13 files changed, 9369 insertions(+), 1 deletion(-) diff --git a/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml b/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml index f6cd7f3f59d..b4d2d57469c 100644 --- a/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml +++ b/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml @@ -351,3 +351,424 @@ tests: - name: "example.com/quux" request: "1" expectedError: 'spec.metricsServerConfig.resources: Too many: 11: must have at most 10 items' + - name: Should be able to create a minimal PrometheusK8sConfig + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + logLevel: "info" + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + logLevel: "info" + - name: Should accept PrometheusK8sConfig with valid nodeSelector + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + nodeSelector: + kubernetes.io/os: linux + node-role.kubernetes.io/worker: "" + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + nodeSelector: + kubernetes.io/os: linux + node-role.kubernetes.io/worker: "" + - name: Should accept PrometheusK8sConfig with valid resources + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + resources: + - name: cpu + request: 100m + limit: 500m + - name: memory + request: 128Mi + limit: 512Mi + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + resources: + - name: cpu + request: 100m + limit: 500m + - name: memory + request: 128Mi + limit: 512Mi + - name: Should accept PrometheusK8sConfig with valid tolerations + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule + - name: Should accept PrometheusK8sConfig with valid topologySpreadConstraints + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: prometheus + - maxSkew: 2 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + labelSelector: + matchLabels: + app: prometheus + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: prometheus + - maxSkew: 2 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + labelSelector: + matchLabels: + app: prometheus + - name: Should accept PrometheusK8sConfig with valid additionalAlertmanagerConfigs + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + additionalAlertmanagerConfigs: + - apiVersion: "v2" + scheme: "https" + staticConfigs: + - "alertmanager.example.com:9093" + pathPrefix: "/alertmanager" + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + additionalAlertmanagerConfigs: + - apiVersion: "v2" + scheme: "https" + staticConfigs: + - "alertmanager.example.com:9093" + pathPrefix: "/alertmanager" + - name: Should accept PrometheusK8sConfig with valid remoteWrite + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + remoteWrite: + - url: "https://remote-write.example.com/api/v1/write" + name: "remote-storage" + remoteTimeout: "30s" + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + remoteWrite: + - url: "https://remote-write.example.com/api/v1/write" + name: "remote-storage" + remoteTimeout: "30s" + - name: Should accept PrometheusK8sConfig with valid externalLabels + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + externalLabels: + labels: + cluster: "production" + environment: "prod" + expected: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + externalLabels: + labels: + cluster: "production" + environment: "prod" + - name: Should reject PrometheusK8sConfig with empty object + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: {} + expectedError: 'spec.prometheusK8sConfig: Invalid value: 0: spec.prometheusK8sConfig in body should have at least 1 properties' + - name: Should reject PrometheusK8sConfig with too many additionalAlertmanagerConfigs + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + additionalAlertmanagerConfigs: + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager1.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager2.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager3.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager4.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager5.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager6.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager7.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager8.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager9.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager10.example.com:9093"] + - apiVersion: "v2" + scheme: "https" + staticConfigs: ["alertmanager11.example.com:9093"] + expectedError: 'spec.prometheusK8sConfig.additionalAlertmanagerConfigs: Too many: 11: must have at most 10 items' + - name: Should reject PrometheusK8sConfig with too many remoteWrite configs + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + remoteWrite: + - url: "https://remote1.example.com/api/v1/write" + - url: "https://remote2.example.com/api/v1/write" + - url: "https://remote3.example.com/api/v1/write" + - url: "https://remote4.example.com/api/v1/write" + - url: "https://remote5.example.com/api/v1/write" + - url: "https://remote6.example.com/api/v1/write" + - url: "https://remote7.example.com/api/v1/write" + - url: "https://remote8.example.com/api/v1/write" + - url: "https://remote9.example.com/api/v1/write" + - url: "https://remote10.example.com/api/v1/write" + - url: "https://remote11.example.com/api/v1/write" + expectedError: 'spec.prometheusK8sConfig.remoteWrite: Too many: 11: must have at most 10 items' + - name: Should reject PrometheusK8sConfig with too many resources + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + resources: + - name: "cpu" + request: "100m" + - name: "memory" + request: "64Mi" + - name: "hugepages-2Mi" + request: "32Mi" + - name: "hugepages-1Gi" + request: "1Gi" + - name: "ephemeral-storage" + request: "1Gi" + - name: "nvidia.com/gpu" + request: "1" + - name: "example.com/foo" + request: "1" + - name: "example.com/bar" + request: "1" + - name: "example.com/baz" + request: "1" + - name: "example.com/qux" + request: "1" + - name: "example.com/quux" + request: "1" + expectedError: 'spec.prometheusK8sConfig.resources: Too many: 11: must have at most 10 items' + - name: Should reject PrometheusK8sConfig with too many tolerations + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + tolerations: + - key: key1 + operator: Exists + effect: NoSchedule + - key: key2 + operator: Exists + effect: NoSchedule + - key: key3 + operator: Exists + effect: NoSchedule + - key: key4 + operator: Exists + effect: NoSchedule + - key: key5 + operator: Exists + effect: NoSchedule + - key: key6 + operator: Exists + effect: NoSchedule + - key: key7 + operator: Exists + effect: NoSchedule + - key: key8 + operator: Exists + effect: NoSchedule + - key: key9 + operator: Exists + effect: NoSchedule + - key: key10 + operator: Exists + effect: NoSchedule + - key: key11 + operator: Exists + effect: NoSchedule + expectedError: 'spec.prometheusK8sConfig.tolerations: Too many: 11: must have at most 10 items' + - name: Should reject PrometheusK8sConfig with empty tolerations array + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + tolerations: [] + expectedError: 'spec.prometheusK8sConfig.tolerations: Invalid value: 0: spec.prometheusK8sConfig.tolerations in body should have at least 1 items' + - name: Should reject PrometheusK8sConfig with empty topologySpreadConstraints array + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + topologySpreadConstraints: [] + expectedError: 'spec.prometheusK8sConfig.topologySpreadConstraints: Invalid value: 0: spec.prometheusK8sConfig.topologySpreadConstraints in body should have at least 1 items' + - name: Should reject PrometheusK8sConfig with too many topologySpreadConstraints + initial: | + apiVersion: config.openshift.io/v1alpha1 + kind: ClusterMonitoring + spec: + userDefined: + mode: "Disabled" + prometheusK8sConfig: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: "zone1" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone2" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone3" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone4" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone5" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone6" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone7" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone8" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone9" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone10" + whenUnsatisfiable: DoNotSchedule + - maxSkew: 1 + topologyKey: "zone11" + whenUnsatisfiable: DoNotSchedule + expectedError: 'spec.prometheusK8sConfig.topologySpreadConstraints: Too many: 11: must have at most 10 items' diff --git a/config/v1alpha1/types_cluster_monitoring.go b/config/v1alpha1/types_cluster_monitoring.go index f6d4cd3420b..cfe2b1b0527 100644 --- a/config/v1alpha1/types_cluster_monitoring.go +++ b/config/v1alpha1/types_cluster_monitoring.go @@ -89,6 +89,12 @@ type ClusterMonitoringSpec struct { // The current default value is `DefaultConfig`. // +optional AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"` + // prometheusK8sConfig provides configuration options for the Prometheus instance + // Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + // prometheusK8sConfig is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + PrometheusK8sConfig PrometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -416,6 +422,292 @@ type MetricsServerConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } +// PrometheusK8sConfig provides configuration options for the Prometheus instance +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +// +kubebuilder:validation:MinProperties=1 +type PrometheusK8sConfig struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. By default, no additional Alertmanager instances are configured. + // +optional + // +kubebuilder:validation:MaxItems=10 + // +listType=atomic + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + // target's body response is larger than the limit, the scrape will fail. + // The following values are valid: + // an empty value to specify no limit, + // a numeric value in Prometheus size format (such as `64MB`), or + // the string `automatic`, which indicates that the limit will be + // automatically calculated based on cluster capacity. + // The default value is empty, which indicates no limit. + // +optional + // +kubebuilder:validation:MaxLength=50 + EnforcedBodySizeLimit *string `json:"enforcedBodySizeLimit,omitempty"` + // externalLabels defines labels to be added to any time series or alerts when + // communicating with external systems such as federation, remote storage, + // and Alertmanager. By default, no labels are added. + // +optional + ExternalLabels ExternalLabels `json:"externalLabels,omitempty,omitzero"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + // +kubebuilder:validation:MaxLength=10 + LogLevel *string `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // +optional + // +kubebuilder:validation:MaxLength=255 + QueryLogFile *string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, + // and relabeling settings. + // +optional + // +kubebuilder:validation:MaxItems=10 + // +listType=atomic + RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // retention defines the duration for which Prometheus retains data. + // This definition must be specified using the following regular + // expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + // s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + // The default value is `15d`. + // +optional + // +kubebuilder:validation:MaxLength=20 + Retention *string `json:"retention,omitempty"` + // retentionSize defines the maximum amount of disk space used by data blocks plus the + // write-ahead log (WAL). + // Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + // `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + // By default, no limit is defined. + // +optional + // +kubebuilder:validation:MaxLength=20 + RetentionSize *string `json:"retentionSize,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `full` or + // `minimal`. In the `full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // +optional + CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class, volume + // size, and name. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + // This field is optional. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` +} + +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfig struct { + // apiVersion defines the API version of Alertmanager. + // `v1` is no longer supported, `v2` is set as the default value. + // +required + // +kubebuilder:validation:MaxLength=10 + APIVersion *string `json:"apiVersion,omitempty"` + // bearerToken defines the secret key reference containing the bearer token + // to use when authenticating to Alertmanager. + // +optional + BearerToken *v1.SecretKeySelector `json:"bearerToken,omitempty"` + // pathPrefix defines the path prefix to add in front of the push endpoint path. + // +optional + // +kubebuilder:validation:MaxLength=255 + PathPrefix *string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `http` or `https`. The default value is `http`. + // +optional + // +kubebuilder:validation:MaxLength=10 + Scheme *string `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. + // +optional + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MaxLength=255 + // +listType=set + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeout defines the timeout value used when sending alerts. + // +optional + // +kubebuilder:validation:MaxLength=20 + Timeout *string `json:"timeout,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // +optional + TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` +} + +// ExternalLabels represents labels to be added to time series and alerts. +type ExternalLabels struct { + // labels is a map of label names to label values. + // +required + Labels map[string]string `json:"labels,omitempty"` +} + +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpec struct { + // url is the URL of the remote write endpoint. + // +required + // +kubebuilder:validation:MaxLength=2048 + URL *string `json:"url,omitempty"` + // name is the name of the remote write configuration. + // +optional + // +kubebuilder:validation:MaxLength=63 + Name *string `json:"name,omitempty"` + // remoteTimeout is the timeout for requests to the remote write endpoint. + // +optional + // +kubebuilder:validation:MaxLength=20 + RemoteTimeout *string `json:"remoteTimeout,omitempty"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // +optional + // +kubebuilder:validation:MaxItems=10 + // +listType=atomic + WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"` +} + +// RelabelConfig represents a relabeling rule. +type RelabelConfig struct { + // sourceLabels is a list of source label names. + // +optional + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MaxLength=63 + // +listType=set + SourceLabels []string `json:"sourceLabels,omitempty"` + // separator is the separator used to join source label values. + // +optional + // +kubebuilder:validation:MaxLength=10 + Separator *string `json:"separator,omitempty"` + // regex is the regular expression to match against the concatenated source label values. + // +optional + // +kubebuilder:validation:MaxLength=1000 + Regex *string `json:"regex,omitempty"` + // targetLabel is the target label name. + // +optional + // +kubebuilder:validation:MaxLength=63 + TargetLabel *string `json:"targetLabel,omitempty"` + // replacement is the replacement value for the target label. + // +optional + // +kubebuilder:validation:MaxLength=255 + Replacement *string `json:"replacement,omitempty"` + // action is the action to perform. + // +optional + // +kubebuilder:validation:MaxLength=20 + Action *string `json:"action,omitempty"` +} + +// TLSConfig represents TLS configuration for Alertmanager connections. +type TLSConfig struct { + // ca is the CA certificate to use for TLS connections. + // +optional + CA *v1.SecretKeySelector `json:"ca,omitempty"` + // cert is the client certificate to use for TLS connections. + // +optional + Cert *v1.SecretKeySelector `json:"cert,omitempty"` + // key is the client key to use for TLS connections. + // +optional + Key *v1.SecretKeySelector `json:"key,omitempty"` + // serverName is the server name to use for TLS connections. + // +optional + // +kubebuilder:validation:MaxLength=253 + ServerName *string `json:"serverName,omitempty"` + // insecureSkipVerify determines whether to skip TLS certificate verification. + // +optional + // +kubebuilder:validation:Enum=true;false + InsecureSkipVerify string `json:"insecureSkipVerify,omitempty"` +} + +// CollectionProfile defines the metrics collection profile for Prometheus. +// +kubebuilder:validation:Enum=full;minimal +type CollectionProfile string + +const ( + // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components. + CollectionProfileFull CollectionProfile = "full" + // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + CollectionProfileMinimal CollectionProfile = "minimal" +) + // AuditProfile defines the audit log level for the Metrics Server. // +kubebuilder:validation:Enum=None;Metadata;Request;RequestResponse type AuditProfile string diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index cdc019885b4..84bf6fa9f0f 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index f79bea45d55..8b3f6f17bb1 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index 44c1184e1a3..32bddd337aa 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index 6549f6cbe43..fc78c2a9c4b 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -11,6 +11,57 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { + *out = *in + if in.APIVersion != nil { + in, out := &in.APIVersion, &out.APIVersion + *out = new(string) + **out = **in + } + if in.BearerToken != nil { + in, out := &in.BearerToken, &out.BearerToken + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + if in.PathPrefix != nil { + in, out := &in.PathPrefix, &out.PathPrefix + *out = new(string) + **out = **in + } + if in.Scheme != nil { + in, out := &in.Scheme, &out.Scheme + *out = new(string) + **out = **in + } + if in.StaticConfigs != nil { + in, out := &in.StaticConfigs, &out.StaticConfigs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(string) + **out = **in + } + if in.TLSConfig != nil { + in, out := &in.TLSConfig, &out.TLSConfig + *out = new(TLSConfig) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalAlertmanagerConfig. +func (in *AdditionalAlertmanagerConfig) DeepCopy() *AdditionalAlertmanagerConfig { + if in == nil { + return nil + } + out := new(AdditionalAlertmanagerConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AlertmanagerConfig) DeepCopyInto(out *AlertmanagerConfig) { *out = *in @@ -364,6 +415,7 @@ func (in *ClusterMonitoringSpec) DeepCopyInto(out *ClusterMonitoringSpec) { *out = *in out.UserDefined = in.UserDefined in.AlertmanagerConfig.DeepCopyInto(&out.AlertmanagerConfig) + in.PrometheusK8sConfig.DeepCopyInto(&out.PrometheusK8sConfig) in.MetricsServerConfig.DeepCopyInto(&out.MetricsServerConfig) return } @@ -429,6 +481,29 @@ func (in *EtcdBackupSpec) DeepCopy() *EtcdBackupSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalLabels) DeepCopyInto(out *ExternalLabels) { + *out = *in + if in.Labels != nil { + in, out := &in.Labels, &out.Labels + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalLabels. +func (in *ExternalLabels) DeepCopy() *ExternalLabels { + if in == nil { + return nil + } + out := new(ExternalLabels) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FulcioCAWithRekor) DeepCopyInto(out *FulcioCAWithRekor) { *out = *in @@ -926,6 +1001,95 @@ func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusK8sConfig) DeepCopyInto(out *PrometheusK8sConfig) { + *out = *in + if in.AdditionalAlertmanagerConfigs != nil { + in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs + *out = make([]AdditionalAlertmanagerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.EnforcedBodySizeLimit != nil { + in, out := &in.EnforcedBodySizeLimit, &out.EnforcedBodySizeLimit + *out = new(string) + **out = **in + } + in.ExternalLabels.DeepCopyInto(&out.ExternalLabels) + if in.LogLevel != nil { + in, out := &in.LogLevel, &out.LogLevel + *out = new(string) + **out = **in + } + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.QueryLogFile != nil { + in, out := &in.QueryLogFile, &out.QueryLogFile + *out = new(string) + **out = **in + } + if in.RemoteWrite != nil { + in, out := &in.RemoteWrite, &out.RemoteWrite + *out = make([]RemoteWriteSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Retention != nil { + in, out := &in.Retention, &out.Retention + *out = new(string) + **out = **in + } + if in.RetentionSize != nil { + in, out := &in.RetentionSize, &out.RetentionSize + *out = new(string) + **out = **in + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.VolumeClaimTemplate != nil { + in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate + *out = new(v1.PersistentVolumeClaim) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusK8sConfig. +func (in *PrometheusK8sConfig) DeepCopy() *PrometheusK8sConfig { + if in == nil { + return nil + } + out := new(PrometheusK8sConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PublicKey) DeepCopyInto(out *PublicKey) { *out = *in @@ -952,6 +1116,90 @@ func (in *PublicKey) DeepCopy() *PublicKey { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelConfig) DeepCopyInto(out *RelabelConfig) { + *out = *in + if in.SourceLabels != nil { + in, out := &in.SourceLabels, &out.SourceLabels + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Separator != nil { + in, out := &in.Separator, &out.Separator + *out = new(string) + **out = **in + } + if in.Regex != nil { + in, out := &in.Regex, &out.Regex + *out = new(string) + **out = **in + } + if in.TargetLabel != nil { + in, out := &in.TargetLabel, &out.TargetLabel + *out = new(string) + **out = **in + } + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in + } + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelConfig. +func (in *RelabelConfig) DeepCopy() *RelabelConfig { + if in == nil { + return nil + } + out := new(RelabelConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { + *out = *in + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.RemoteTimeout != nil { + in, out := &in.RemoteTimeout, &out.RemoteTimeout + *out = new(string) + **out = **in + } + if in.WriteRelabelConfigs != nil { + in, out := &in.WriteRelabelConfigs, &out.WriteRelabelConfigs + *out = make([]RelabelConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteSpec. +func (in *RemoteWriteSpec) DeepCopy() *RemoteWriteSpec { + if in == nil { + return nil + } + out := new(RemoteWriteSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RetentionNumberConfig) DeepCopyInto(out *RetentionNumberConfig) { *out = *in @@ -1031,6 +1279,42 @@ func (in *Storage) DeepCopy() *Storage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { + *out = *in + if in.CA != nil { + in, out := &in.CA, &out.CA + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + if in.Cert != nil { + in, out := &in.Cert, &out.Cert + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + if in.ServerName != nil { + in, out := &in.ServerName, &out.ServerName + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig. +func (in *TLSConfig) DeepCopy() *TLSConfig { + if in == nil { + return nil + } + out := new(TLSConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserDefinedMonitoring) DeepCopyInto(out *UserDefinedMonitoring) { *out = *in diff --git a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml index 044d64ae4b6..abe34236459 100644 --- a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml +++ b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. diff --git a/config/v1alpha1/zz_generated.swagger_doc_generated.go b/config/v1alpha1/zz_generated.swagger_doc_generated.go index 6ba6ad11f44..c5be8698404 100644 --- a/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -118,6 +118,21 @@ func (ClusterImagePolicyStatus) SwaggerDoc() map[string]string { return map_ClusterImagePolicyStatus } +var map_AdditionalAlertmanagerConfig = map[string]string{ + "": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + "apiVersion": "apiVersion defines the API version of Alertmanager. `v1` is no longer supported, `v2` is set as the default value.", + "bearerToken": "bearerToken defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.", + "pathPrefix": "pathPrefix defines the path prefix to add in front of the push endpoint path.", + "scheme": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`.", + "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`.", + "timeout": "timeout defines the timeout value used when sending alerts.", + "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections.", +} + +func (AdditionalAlertmanagerConfig) SwaggerDoc() map[string]string { + return map_AdditionalAlertmanagerConfig +} + var map_AlertmanagerConfig = map[string]string{ "": "alertmanagerConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled.", "deploymentMode": "deploymentMode determines whether the default Alertmanager instance should be deployed as part of the monitoring stack. Allowed values are Disabled, DefaultConfig, and CustomConfig. When set to Disabled, the Alertmanager instance will not be deployed. When set to DefaultConfig, the platform will deploy Alertmanager with default settings. When set to CustomConfig, the Alertmanager will be deployed with custom configuration.", @@ -177,6 +192,7 @@ var map_ClusterMonitoringSpec = map[string]string{ "": "ClusterMonitoringSpec defines the desired state of Cluster Monitoring Operator", "userDefined": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "alertmanagerConfig": "alertmanagerConfig allows users to configure how the default Alertmanager instance should be deployed in the `openshift-monitoring` namespace. alertmanagerConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `DefaultConfig`.", + "prometheusK8sConfig": "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "metricsServerConfig": "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } @@ -203,6 +219,15 @@ func (ContainerResource) SwaggerDoc() map[string]string { return map_ContainerResource } +var map_ExternalLabels = map[string]string{ + "": "ExternalLabels represents labels to be added to time series and alerts.", + "labels": "labels is a map of label names to label values.", +} + +func (ExternalLabels) SwaggerDoc() map[string]string { + return map_ExternalLabels +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", @@ -217,6 +242,67 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } +var map_PrometheusK8sConfig = map[string]string{ + "": "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + "enforcedBodySizeLimit": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.", + "externalLabels": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings.", + "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + "retention": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is `15d`.", + "retentionSize": "retentionSize defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, `TiB`, `PB`, `PiB`, `EB`, and `EiB`. By default, no limit is defined.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards.", + "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", +} + +func (PrometheusK8sConfig) SwaggerDoc() map[string]string { + return map_PrometheusK8sConfig +} + +var map_RelabelConfig = map[string]string{ + "": "RelabelConfig represents a relabeling rule.", + "sourceLabels": "sourceLabels is a list of source label names.", + "separator": "separator is the separator used to join source label values.", + "regex": "regex is the regular expression to match against the concatenated source label values.", + "targetLabel": "targetLabel is the target label name.", + "replacement": "replacement is the replacement value for the target label.", + "action": "action is the action to perform.", +} + +func (RelabelConfig) SwaggerDoc() map[string]string { + return map_RelabelConfig +} + +var map_RemoteWriteSpec = map[string]string{ + "": "RemoteWriteSpec represents configuration for remote write endpoints.", + "url": "url is the URL of the remote write endpoint.", + "name": "name is the name of the remote write configuration.", + "remoteTimeout": "remoteTimeout is the timeout for requests to the remote write endpoint.", + "writeRelabelConfigs": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint.", +} + +func (RemoteWriteSpec) SwaggerDoc() map[string]string { + return map_RemoteWriteSpec +} + +var map_TLSConfig = map[string]string{ + "": "TLSConfig represents TLS configuration for Alertmanager connections.", + "ca": "ca is the CA certificate to use for TLS connections.", + "cert": "cert is the client certificate to use for TLS connections.", + "key": "key is the client key to use for TLS connections.", + "serverName": "serverName is the server name to use for TLS connections.", + "insecureSkipVerify": "insecureSkipVerify determines whether to skip TLS certificate verification.", +} + +func (TLSConfig) SwaggerDoc() map[string]string { + return map_TLSConfig +} + var map_UserDefinedMonitoring = map[string]string{ "": "UserDefinedMonitoring config for user-defined projects.", "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 77124efe23c..5210ecb57a6 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -422,6 +422,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1.VSpherePlatformTopology": schema_openshift_api_config_v1_VSpherePlatformTopology(ref), "github.com/openshift/api/config/v1.VSpherePlatformVCenterSpec": schema_openshift_api_config_v1_VSpherePlatformVCenterSpec(ref), "github.com/openshift/api/config/v1.WebhookTokenAuthenticator": schema_openshift_api_config_v1_WebhookTokenAuthenticator(ref), + "github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig": schema_openshift_api_config_v1alpha1_AdditionalAlertmanagerConfig(ref), "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig": schema_openshift_api_config_v1alpha1_AlertmanagerConfig(ref), "github.com/openshift/api/config/v1alpha1.AlertmanagerCustomConfig": schema_openshift_api_config_v1alpha1_AlertmanagerCustomConfig(ref), "github.com/openshift/api/config/v1alpha1.Audit": schema_openshift_api_config_v1alpha1_Audit(ref), @@ -439,6 +440,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.ClusterMonitoringStatus": schema_openshift_api_config_v1alpha1_ClusterMonitoringStatus(ref), "github.com/openshift/api/config/v1alpha1.ContainerResource": schema_openshift_api_config_v1alpha1_ContainerResource(ref), "github.com/openshift/api/config/v1alpha1.EtcdBackupSpec": schema_openshift_api_config_v1alpha1_EtcdBackupSpec(ref), + "github.com/openshift/api/config/v1alpha1.ExternalLabels": schema_openshift_api_config_v1alpha1_ExternalLabels(ref), "github.com/openshift/api/config/v1alpha1.FulcioCAWithRekor": schema_openshift_api_config_v1alpha1_FulcioCAWithRekor(ref), "github.com/openshift/api/config/v1alpha1.GatherConfig": schema_openshift_api_config_v1alpha1_GatherConfig(ref), "github.com/openshift/api/config/v1alpha1.ImagePolicy": schema_openshift_api_config_v1alpha1_ImagePolicy(ref), @@ -460,11 +462,15 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.PolicyMatchExactRepository": schema_openshift_api_config_v1alpha1_PolicyMatchExactRepository(ref), "github.com/openshift/api/config/v1alpha1.PolicyMatchRemapIdentity": schema_openshift_api_config_v1alpha1_PolicyMatchRemapIdentity(ref), "github.com/openshift/api/config/v1alpha1.PolicyRootOfTrust": schema_openshift_api_config_v1alpha1_PolicyRootOfTrust(ref), + "github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig": schema_openshift_api_config_v1alpha1_PrometheusK8sConfig(ref), "github.com/openshift/api/config/v1alpha1.PublicKey": schema_openshift_api_config_v1alpha1_PublicKey(ref), + "github.com/openshift/api/config/v1alpha1.RelabelConfig": schema_openshift_api_config_v1alpha1_RelabelConfig(ref), + "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec": schema_openshift_api_config_v1alpha1_RemoteWriteSpec(ref), "github.com/openshift/api/config/v1alpha1.RetentionNumberConfig": schema_openshift_api_config_v1alpha1_RetentionNumberConfig(ref), "github.com/openshift/api/config/v1alpha1.RetentionPolicy": schema_openshift_api_config_v1alpha1_RetentionPolicy(ref), "github.com/openshift/api/config/v1alpha1.RetentionSizeConfig": schema_openshift_api_config_v1alpha1_RetentionSizeConfig(ref), "github.com/openshift/api/config/v1alpha1.Storage": schema_openshift_api_config_v1alpha1_Storage(ref), + "github.com/openshift/api/config/v1alpha1.TLSConfig": schema_openshift_api_config_v1alpha1_TLSConfig(ref), "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring": schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref), "github.com/openshift/api/config/v1alpha2.Custom": schema_openshift_api_config_v1alpha2_Custom(ref), "github.com/openshift/api/config/v1alpha2.GatherConfig": schema_openshift_api_config_v1alpha2_GatherConfig(ref), @@ -21188,6 +21194,82 @@ func schema_openshift_api_config_v1_WebhookTokenAuthenticator(ref common.Referen } } +func schema_openshift_api_config_v1alpha1_AdditionalAlertmanagerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "apiVersion defines the API version of Alertmanager. `v1` is no longer supported, `v2` is set as the default value.", + Type: []string{"string"}, + Format: "", + }, + }, + "bearerToken": { + SchemaProps: spec.SchemaProps{ + Description: "bearerToken defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.", + Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + }, + }, + "pathPrefix": { + SchemaProps: spec.SchemaProps{ + Description: "pathPrefix defines the path prefix to add in front of the push endpoint path.", + Type: []string{"string"}, + Format: "", + }, + }, + "scheme": { + SchemaProps: spec.SchemaProps{ + Description: "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`.", + Type: []string{"string"}, + Format: "", + }, + }, + "staticConfigs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "timeout": { + SchemaProps: spec.SchemaProps{ + Description: "timeout defines the timeout value used when sending alerts.", + Type: []string{"string"}, + Format: "", + }, + }, + "tlsConfig": { + SchemaProps: spec.SchemaProps{ + Description: "tlsConfig defines the TLS settings to use for Alertmanager connections.", + Ref: ref("github.com/openshift/api/config/v1alpha1.TLSConfig"), + }, + }, + }, + Required: []string{"apiVersion"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/config/v1alpha1.TLSConfig", "k8s.io/api/core/v1.SecretKeySelector"}, + } +} + func schema_openshift_api_config_v1alpha1_AlertmanagerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -21802,6 +21884,13 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer Ref: ref("github.com/openshift/api/config/v1alpha1.AlertmanagerConfig"), }, }, + "prometheusK8sConfig": { + SchemaProps: spec.SchemaProps{ + Description: "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig"), + }, + }, "metricsServerConfig": { SchemaProps: spec.SchemaProps{ Description: "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", @@ -21813,7 +21902,7 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer }, }, Dependencies: []string{ - "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.MetricsServerConfig", "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring"}, + "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.MetricsServerConfig", "github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig", "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring"}, } } @@ -21909,6 +21998,36 @@ func schema_openshift_api_config_v1alpha1_EtcdBackupSpec(ref common.ReferenceCal } } +func schema_openshift_api_config_v1alpha1_ExternalLabels(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ExternalLabels represents labels to be added to time series and alerts.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "labels": { + SchemaProps: spec.SchemaProps{ + Description: "labels is a map of label names to label values.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"labels"}, + }, + }, + } +} + func schema_openshift_api_config_v1alpha1_FulcioCAWithRekor(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -22741,6 +22860,194 @@ func schema_openshift_api_config_v1alpha1_PolicyRootOfTrust(ref common.Reference } } +func schema_openshift_api_config_v1alpha1_PrometheusK8sConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "additionalAlertmanagerConfigs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig"), + }, + }, + }, + }, + }, + "enforcedBodySizeLimit": { + SchemaProps: spec.SchemaProps{ + Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.", + Type: []string{"string"}, + Format: "", + }, + }, + "externalLabels": { + SchemaProps: spec.SchemaProps{ + Description: "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.ExternalLabels"), + }, + }, + "logLevel": { + SchemaProps: spec.SchemaProps{ + Description: "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + Type: []string{"string"}, + Format: "", + }, + }, + "nodeSelector": { + SchemaProps: spec.SchemaProps{ + Description: "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "queryLogFile": { + SchemaProps: spec.SchemaProps{ + Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + Type: []string{"string"}, + Format: "", + }, + }, + "remoteWrite": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.RemoteWriteSpec"), + }, + }, + }, + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.ContainerResource"), + }, + }, + }, + }, + }, + "retention": { + SchemaProps: spec.SchemaProps{ + Description: "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is `15d`.", + Type: []string{"string"}, + Format: "", + }, + }, + "retentionSize": { + SchemaProps: spec.SchemaProps{ + Description: "retentionSize defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, `TiB`, `PB`, `PiB`, `EB`, and `EiB`. By default, no limit is defined.", + Type: []string{"string"}, + Format: "", + }, + }, + "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.Toleration"), + }, + }, + }, + }, + }, + "topologySpreadConstraints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "topologyKey", + "whenUnsatisfiable", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + }, + }, + }, + }, + }, + "collectionProfile": { + SchemaProps: spec.SchemaProps{ + Description: "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards.", + Type: []string{"string"}, + Format: "", + }, + }, + "volumeClaimTemplate": { + SchemaProps: spec.SchemaProps{ + Description: "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", + Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.ContainerResource", "github.com/openshift/api/config/v1alpha1.ExternalLabels", "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec", "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint"}, + } +} + func schema_openshift_api_config_v1alpha1_PublicKey(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -22769,6 +23076,130 @@ func schema_openshift_api_config_v1alpha1_PublicKey(ref common.ReferenceCallback } } +func schema_openshift_api_config_v1alpha1_RelabelConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "RelabelConfig represents a relabeling rule.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "sourceLabels": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "set", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "sourceLabels is a list of source label names.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "separator": { + SchemaProps: spec.SchemaProps{ + Description: "separator is the separator used to join source label values.", + Type: []string{"string"}, + Format: "", + }, + }, + "regex": { + SchemaProps: spec.SchemaProps{ + Description: "regex is the regular expression to match against the concatenated source label values.", + Type: []string{"string"}, + Format: "", + }, + }, + "targetLabel": { + SchemaProps: spec.SchemaProps{ + Description: "targetLabel is the target label name.", + Type: []string{"string"}, + Format: "", + }, + }, + "replacement": { + SchemaProps: spec.SchemaProps{ + Description: "replacement is the replacement value for the target label.", + Type: []string{"string"}, + Format: "", + }, + }, + "action": { + SchemaProps: spec.SchemaProps{ + Description: "action is the action to perform.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_openshift_api_config_v1alpha1_RemoteWriteSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "RemoteWriteSpec represents configuration for remote write endpoints.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "url": { + SchemaProps: spec.SchemaProps{ + Description: "url is the URL of the remote write endpoint.", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "name is the name of the remote write configuration.", + Type: []string{"string"}, + Format: "", + }, + }, + "remoteTimeout": { + SchemaProps: spec.SchemaProps{ + Description: "remoteTimeout is the timeout for requests to the remote write endpoint.", + Type: []string{"string"}, + Format: "", + }, + }, + "writeRelabelConfigs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.RelabelConfig"), + }, + }, + }, + }, + }, + }, + Required: []string{"url"}, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/config/v1alpha1.RelabelConfig"}, + } +} + func schema_openshift_api_config_v1alpha1_RetentionNumberConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -22893,6 +23324,53 @@ func schema_openshift_api_config_v1alpha1_Storage(ref common.ReferenceCallback) } } +func schema_openshift_api_config_v1alpha1_TLSConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "TLSConfig represents TLS configuration for Alertmanager connections.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ca": { + SchemaProps: spec.SchemaProps{ + Description: "ca is the CA certificate to use for TLS connections.", + Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + }, + }, + "cert": { + SchemaProps: spec.SchemaProps{ + Description: "cert is the client certificate to use for TLS connections.", + Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the client key to use for TLS connections.", + Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + }, + }, + "serverName": { + SchemaProps: spec.SchemaProps{ + Description: "serverName is the server name to use for TLS connections.", + Type: []string{"string"}, + Format: "", + }, + }, + "insecureSkipVerify": { + SchemaProps: spec.SchemaProps{ + Description: "insecureSkipVerify determines whether to skip TLS certificate verification.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + Dependencies: []string{ + "k8s.io/api/core/v1.SecretKeySelector"}, + } +} + func schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/openapi/openapi.json b/openapi/openapi.json index 169d0ceac1c..fe2b8f0a7d3 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -11529,6 +11529,48 @@ } } }, + "com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig": { + "description": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + "type": "object", + "required": [ + "apiVersion" + ], + "properties": { + "apiVersion": { + "description": "apiVersion defines the API version of Alertmanager. `v1` is no longer supported, `v2` is set as the default value.", + "type": "string" + }, + "bearerToken": { + "description": "bearerToken defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.", + "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + }, + "pathPrefix": { + "description": "pathPrefix defines the path prefix to add in front of the push endpoint path.", + "type": "string" + }, + "scheme": { + "description": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`.", + "type": "string" + }, + "staticConfigs": { + "description": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`.", + "type": "array", + "items": { + "type": "string", + "default": "" + }, + "x-kubernetes-list-type": "set" + }, + "timeout": { + "description": "timeout defines the timeout value used when sending alerts.", + "type": "string" + }, + "tlsConfig": { + "description": "tlsConfig defines the TLS settings to use for Alertmanager connections.", + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.TLSConfig" + } + } + }, "com.github.openshift.api.config.v1alpha1.AlertmanagerConfig": { "description": "alertmanagerConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled.", "type": "object", @@ -11879,6 +11921,11 @@ "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.MetricsServerConfig" }, + "prometheusK8sConfig": { + "description": "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PrometheusK8sConfig" + }, "userDefined": { "description": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "default": {}, @@ -11937,6 +11984,23 @@ } } }, + "com.github.openshift.api.config.v1alpha1.ExternalLabels": { + "description": "ExternalLabels represents labels to be added to time series and alerts.", + "type": "object", + "required": [ + "labels" + ], + "properties": { + "labels": { + "description": "labels is a map of label names to label values.", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + } + } + }, "com.github.openshift.api.config.v1alpha1.FulcioCAWithRekor": { "description": "FulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key.", "type": "object", @@ -12429,6 +12493,105 @@ } ] }, + "com.github.openshift.api.config.v1alpha1.PrometheusK8sConfig": { + "description": "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "type": "object", + "properties": { + "additionalAlertmanagerConfigs": { + "description": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig" + }, + "x-kubernetes-list-type": "atomic" + }, + "collectionProfile": { + "description": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards.", + "type": "string" + }, + "enforcedBodySizeLimit": { + "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.", + "type": "string" + }, + "externalLabels": { + "description": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ExternalLabels" + }, + "logLevel": { + "description": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "type": "string" + }, + "nodeSelector": { + "description": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, + "queryLogFile": { + "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + "type": "string" + }, + "remoteWrite": { + "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.RemoteWriteSpec" + }, + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ContainerResource" + }, + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "retention": { + "description": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is `15d`.", + "type": "string" + }, + "retentionSize": { + "description": "retentionSize defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, `TiB`, `PB`, `PiB`, `EB`, and `EiB`. By default, no limit is defined.", + "type": "string" + }, + "tolerations": { + "description": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" + }, + "x-kubernetes-list-type": "atomic" + }, + "topologySpreadConstraints": { + "description": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/io.k8s.api.core.v1.TopologySpreadConstraint" + }, + "x-kubernetes-list-map-keys": [ + "topologyKey", + "whenUnsatisfiable" + ], + "x-kubernetes-list-type": "map" + }, + "volumeClaimTemplate": { + "description": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + } + }, "com.github.openshift.api.config.v1alpha1.PublicKey": { "description": "PublicKey defines the root of trust based on a sigstore public key.", "type": "object", @@ -12448,6 +12611,71 @@ } } }, + "com.github.openshift.api.config.v1alpha1.RelabelConfig": { + "description": "RelabelConfig represents a relabeling rule.", + "type": "object", + "properties": { + "action": { + "description": "action is the action to perform.", + "type": "string" + }, + "regex": { + "description": "regex is the regular expression to match against the concatenated source label values.", + "type": "string" + }, + "replacement": { + "description": "replacement is the replacement value for the target label.", + "type": "string" + }, + "separator": { + "description": "separator is the separator used to join source label values.", + "type": "string" + }, + "sourceLabels": { + "description": "sourceLabels is a list of source label names.", + "type": "array", + "items": { + "type": "string", + "default": "" + }, + "x-kubernetes-list-type": "set" + }, + "targetLabel": { + "description": "targetLabel is the target label name.", + "type": "string" + } + } + }, + "com.github.openshift.api.config.v1alpha1.RemoteWriteSpec": { + "description": "RemoteWriteSpec represents configuration for remote write endpoints.", + "type": "object", + "required": [ + "url" + ], + "properties": { + "name": { + "description": "name is the name of the remote write configuration.", + "type": "string" + }, + "remoteTimeout": { + "description": "remoteTimeout is the timeout for requests to the remote write endpoint.", + "type": "string" + }, + "url": { + "description": "url is the URL of the remote write endpoint.", + "type": "string" + }, + "writeRelabelConfigs": { + "description": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.RelabelConfig" + }, + "x-kubernetes-list-type": "atomic" + } + } + }, "com.github.openshift.api.config.v1alpha1.RetentionNumberConfig": { "description": "RetentionNumberConfig specifies the configuration of the retention policy on the number of backups", "type": "object", @@ -12531,6 +12759,32 @@ } } }, + "com.github.openshift.api.config.v1alpha1.TLSConfig": { + "description": "TLSConfig represents TLS configuration for Alertmanager connections.", + "type": "object", + "properties": { + "ca": { + "description": "ca is the CA certificate to use for TLS connections.", + "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + }, + "cert": { + "description": "cert is the client certificate to use for TLS connections.", + "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + }, + "insecureSkipVerify": { + "description": "insecureSkipVerify determines whether to skip TLS certificate verification.", + "type": "string" + }, + "key": { + "description": "key is the client key to use for TLS connections.", + "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + }, + "serverName": { + "description": "serverName is the server name to use for TLS connections.", + "type": "string" + } + } + }, "com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring": { "description": "UserDefinedMonitoring config for user-defined projects.", "type": "object", diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index cdc019885b4..84bf6fa9f0f 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index f79bea45d55..8b3f6f17bb1 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index 44c1184e1a3..32bddd337aa 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1288,6 +1288,1085 @@ spec: - TraceAll type: string type: object + prometheusK8sConfig: + description: |- + prometheusK8sConfig provides configuration options for the Prometheus instance + Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. + prometheusK8sConfig is optional. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. By default, no additional Alertmanager instances are configured. + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + apiVersion: + description: |- + apiVersion defines the API version of Alertmanager. + `v1` is no longer supported, `v2` is set as the default value. + maxLength: 10 + type: string + bearerToken: + description: |- + bearerToken defines the secret key reference containing the bearer token + to use when authenticating to Alertmanager. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + pathPrefix: + description: pathPrefix defines the path prefix to add in + front of the push endpoint path. + maxLength: 255 + type: string + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `http` or `https`. The default value is `http`. + maxLength: 10 + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. + items: + maxLength: 255 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + timeout: + description: timeout defines the timeout value used when + sending alerts. + maxLength: 20 + type: string + tlsConfig: + description: tlsConfig defines the TLS settings to use for + Alertmanager connections. + properties: + ca: + description: ca is the CA certificate to use for TLS + connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert: + description: cert is the client certificate to use for + TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecureSkipVerify: + description: insecureSkipVerify determines whether to + skip TLS certificate verification. + enum: + - true + - false + type: string + key: + description: key is the client key to use for TLS connections. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: serverName is the server name to use for + TLS connections. + maxLength: 253 + type: string + type: object + required: + - apiVersion + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `full` or + `minimal`. In the `full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + enum: + - full + - minimal + type: string + enforcedBodySizeLimit: + description: |- + enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped + target's body response is larger than the limit, the scrape will fail. + The following values are valid: + an empty value to specify no limit, + a numeric value in Prometheus size format (such as `64MB`), or + the string `automatic`, which indicates that the limit will be + automatically calculated based on cluster capacity. + The default value is empty, which indicates no limit. + maxLength: 50 + type: string + externalLabels: + description: |- + externalLabels defines labels to be added to any time series or alerts when + communicating with external systems such as federation, remote storage, + and Alertmanager. By default, no labels are added. + properties: + labels: + additionalProperties: + type: string + description: labels is a map of label names to label values. + type: object + required: + - labels + type: object + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + maxLength: 10 + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + maxLength: 255 + type: string + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, + and relabeling settings. + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + name: + description: name is the name of the remote write configuration. + maxLength: 63 + type: string + remoteTimeout: + description: remoteTimeout is the timeout for requests to + the remote write endpoint. + maxLength: 20 + type: string + url: + description: url is the URL of the remote write endpoint. + maxLength: 2048 + type: string + writeRelabelConfigs: + description: writeRelabelConfigs is a list of relabeling + rules to apply before sending data to the remote endpoint. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: action is the action to perform. + maxLength: 20 + type: string + regex: + description: regex is the regular expression to match + against the concatenated source label values. + maxLength: 1000 + type: string + replacement: + description: replacement is the replacement value + for the target label. + maxLength: 255 + type: string + separator: + description: separator is the separator used to join + source label values. + maxLength: 10 + type: string + sourceLabels: + description: sourceLabels is a list of source label + names. + items: + maxLength: 63 + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + targetLabel: + description: targetLabel is the target label name. + maxLength: 63 + type: string + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + required: + - url + type: object + maxItems: 10 + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 4m + limit: null + - name: memory + request: 40Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention defines the duration for which Prometheus retains data. + This definition must be specified using the following regular + expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, + s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + The default value is `15d`. + maxLength: 20 + type: string + retentionSize: + description: |- + retentionSize defines the maximum amount of disk space used by data blocks plus the + write-ahead log (WAL). + Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, + `TiB`, `PB`, `PiB`, `EB`, and `EiB`. + By default, no limit is defined. + maxLength: 20 + type: string + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class, volume + size, and name. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + This field is optional. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object userDefined: description: |- userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. From 36ab4005e7579d8e0e8bc13c3451fc3920bb6628 Mon Sep 17 00:00:00 2001 From: Mario Fernandez Date: Thu, 18 Sep 2025 20:45:00 +0200 Subject: [PATCH 2/5] add suggestions Signed-off-by: Mario Fernandez --- config/v1alpha1/types_cluster_monitoring.go | 116 +++-- ...clustermonitoring-CustomNoUpgrade.crd.yaml | 106 ++-- ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 106 ++-- ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 106 ++-- config/v1alpha1/zz_generated.deepcopy.go | 144 ++---- .../ClusterMonitoringConfig.yaml | 106 ++-- .../zz_generated.swagger_doc_generated.go | 55 +- .../generated_openapi/zz_generated.openapi.go | 489 ++++++++++-------- openapi/openapi.json | 276 ++++++---- ...clustermonitoring-CustomNoUpgrade.crd.yaml | 106 ++-- ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 106 ++-- ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 106 ++-- 12 files changed, 1111 insertions(+), 711 deletions(-) diff --git a/config/v1alpha1/types_cluster_monitoring.go b/config/v1alpha1/types_cluster_monitoring.go index cfe2b1b0527..143be3577af 100644 --- a/config/v1alpha1/types_cluster_monitoring.go +++ b/config/v1alpha1/types_cluster_monitoring.go @@ -94,7 +94,7 @@ type ClusterMonitoringSpec struct { // prometheusK8sConfig is optional. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional - PrometheusK8sConfig PrometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"` + PrometheusK8sConfig prometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -422,16 +422,16 @@ type MetricsServerConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } -// PrometheusK8sConfig provides configuration options for the Prometheus instance +// prometheusK8sConfig provides configuration options for the Prometheus instance // Use this configuration to control // Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. // +kubebuilder:validation:MinProperties=1 -type PrometheusK8sConfig struct { +type prometheusK8sConfig struct { // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from // the Prometheus component. By default, no additional Alertmanager instances are configured. // +optional // +kubebuilder:validation:MaxItems=10 - // +listType=atomic + // +listType=map AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` // enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped // target's body response is larger than the limit, the scrape will fail. @@ -440,16 +440,19 @@ type PrometheusK8sConfig struct { // a numeric value in Prometheus size format (such as `64MB`), or // the string `automatic`, which indicates that the limit will be // automatically calculated based on cluster capacity. - // The default value is empty, which indicates no limit. - // +optional + // To specify no limit, omit this field. + // Minimum length for this list is 1 + // Maximum length for this list is 50. + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=50 + // +optional EnforcedBodySizeLimit *string `json:"enforcedBodySizeLimit,omitempty"` // externalLabels defines labels to be added to any time series or alerts when // communicating with external systems such as federation, remote storage, // and Alertmanager. By default, no labels are added. // +optional ExternalLabels ExternalLabels `json:"externalLabels,omitempty,omitzero"` - // logLevel defines the verbosity of logs emitted by Prometheus. + // logLevel defines the verbosity of logs emitted by Alertmanager. // This field allows users to control the amount and severity of logs generated, which can be useful // for debugging issues or reducing noise in production environments. // Allowed values are Error, Warn, Info, and Debug. @@ -460,8 +463,7 @@ type PrometheusK8sConfig struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. // The current default value is `Info`. // +optional - // +kubebuilder:validation:MaxLength=10 - LogLevel *string `json:"logLevel,omitempty"` + LogLevel LogLevel `json:"logLevel,omitempty"` // nodeSelector defines the nodes on which the Pods are scheduled // nodeSelector is optional. // @@ -482,13 +484,15 @@ type PrometheusK8sConfig struct { // also not supported. // By default, PromQL queries are not logged. // +optional + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=255 QueryLogFile *string `json:"queryLogFile,omitempty"` // remoteWrite defines the remote write configuration, including URL, authentication, // and relabeling settings. // +optional + // remoteWrite supports a maximum of 10 items in the list. // +kubebuilder:validation:MaxItems=10 - // +listType=atomic + // +listType=map RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` // resources defines the compute resource requests and limits for the Prometheus container. // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. @@ -516,15 +520,17 @@ type PrometheusK8sConfig struct { // This definition must be specified using the following regular // expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, // s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults, which are subject to change over time. // The default value is `15d`. // +optional + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=20 Retention *string `json:"retention,omitempty"` - // retentionSize defines the maximum amount of disk space used by data blocks plus the - // write-ahead log (WAL). - // Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - // `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - // By default, no limit is defined. + // retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + // Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. // +optional // +kubebuilder:validation:MaxLength=20 RetentionSize *string `json:"retentionSize,omitempty"` @@ -566,6 +572,8 @@ type PrometheusK8sConfig struct { // metrics that are exposed by the platform components. In the `minimal` // profile, Prometheus only collects metrics necessary for the default // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `full`. // +optional CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"` // volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to @@ -578,50 +586,100 @@ type PrometheusK8sConfig struct { VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` } +type AlertmanagerAPIVersion string + +const ( + AlertmanagerAPIVersionV2 AlertmanagerAPIVersion = "v2" +) + +// SecretKeyReference represents a reference to a secret key. +type SecretKeyReference struct { + // The name of the secret in the pod's namespace to select from. + // +required + Name string `json:"name"` + // The key of the secret to select from. Must be a valid secret key. + // +required + Key string `json:"key"` + // Specify whether the Secret or its key must be defined + // +optional + Optional *bool `json:"optional,omitempty"` +} + +type AlertmanagerScheme string + +const ( + AlertmanagerSchemeHTTP AlertmanagerScheme = "http" + AlertmanagerSchemeHTTPS AlertmanagerScheme = "https" +) + // AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. // The `AdditionalAlertmanagerConfig` resource defines settings for how a // component communicates with additional Alertmanager instances. type AdditionalAlertmanagerConfig struct { // apiVersion defines the API version of Alertmanager. - // `v1` is no longer supported, `v2` is set as the default value. + // Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + // +kubebuilder:validation:Enum=v2 // +required - // +kubebuilder:validation:MaxLength=10 - APIVersion *string `json:"apiVersion,omitempty"` - // bearerToken defines the secret key reference containing the bearer token + APIVersion AlertmanagerAPIVersion `json:"apiVersion,omitempty"` + // bearerToken defines the secret reference containing the bearer token // to use when authenticating to Alertmanager. + // This is a custom type to allow for admission time validations. // +optional - BearerToken *v1.SecretKeySelector `json:"bearerToken,omitempty"` + BearerToken *SecretKeyReference `json:"bearerToken,omitempty"` // pathPrefix defines the path prefix to add in front of the push endpoint path. - // +optional // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:MinLength=1 + // +optional PathPrefix *string `json:"pathPrefix,omitempty"` // scheme defines the URL scheme to use when communicating with Alertmanager // instances. // Possible values are `http` or `https`. The default value is `http`. - // +optional - // +kubebuilder:validation:MaxLength=10 - Scheme *string `json:"scheme,omitempty"` + // +kubebuilder:validation:Enum=http;https + // +required + Scheme AlertmanagerScheme `json:"scheme,omitempty"` // staticConfigs is a list of statically configured Alertmanager endpoints in the form - // of `:`. - // +optional + // of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). // +kubebuilder:validation:MaxItems=10 // +kubebuilder:validation:items:MaxLength=255 + // +kubebuilder:validation:items:Pattern=`^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$` // +listType=set + // +required StaticConfigs []string `json:"staticConfigs,omitempty"` // timeout defines the timeout value used when sending alerts. + // The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + // +kubebuilder:validation:Pattern=`^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$` + // +kubebuilder:validation:MinLength=2 // +optional - // +kubebuilder:validation:MaxLength=20 Timeout *string `json:"timeout,omitempty"` // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` } +// Label represents a key/value pair for external labels. +type Label struct { + // key is the name of the label. + // +required + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:MinLength=1 + Key string `json:"key"` + // value is the value of the label. + // +required + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:MinLength=1 + Value string `json:"value"` +} + // ExternalLabels represents labels to be added to time series and alerts. type ExternalLabels struct { - // labels is a map of label names to label values. + // labels is a list of label key/value pairs. // +required - Labels map[string]string `json:"labels,omitempty"` + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=map + // +listMapKey=key + Labels []Label `json:"labels,omitempty"` } // RemoteWriteSpec represents configuration for remote write endpoints. diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index 84bf6fa9f0f..abfe382f0ff 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index 8b3f6f17bb1..c75d35066bc 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index 32bddd337aa..baacd020e9f 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index fc78c2a9c4b..a230f710075 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -14,14 +14,9 @@ import ( // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { *out = *in - if in.APIVersion != nil { - in, out := &in.APIVersion, &out.APIVersion - *out = new(string) - **out = **in - } if in.BearerToken != nil { in, out := &in.BearerToken, &out.BearerToken - *out = new(v1.SecretKeySelector) + *out = new(SecretKeyReference) (*in).DeepCopyInto(*out) } if in.PathPrefix != nil { @@ -29,11 +24,6 @@ func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanager *out = new(string) **out = **in } - if in.Scheme != nil { - in, out := &in.Scheme, &out.Scheme - *out = new(string) - **out = **in - } if in.StaticConfigs != nil { in, out := &in.StaticConfigs, &out.StaticConfigs *out = make([]string, len(*in)) @@ -486,10 +476,8 @@ func (in *ExternalLabels) DeepCopyInto(out *ExternalLabels) { *out = *in if in.Labels != nil { in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } + *out = make([]Label, len(*in)) + copy(*out, *in) } return } @@ -757,6 +745,22 @@ func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Label) DeepCopyInto(out *Label) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Label. +func (in *Label) DeepCopy() *Label { + if in == nil { + return nil + } + out := new(Label) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { *out = *in @@ -1001,95 +1005,6 @@ func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusK8sConfig) DeepCopyInto(out *PrometheusK8sConfig) { - *out = *in - if in.AdditionalAlertmanagerConfigs != nil { - in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs - *out = make([]AdditionalAlertmanagerConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.EnforcedBodySizeLimit != nil { - in, out := &in.EnforcedBodySizeLimit, &out.EnforcedBodySizeLimit - *out = new(string) - **out = **in - } - in.ExternalLabels.DeepCopyInto(&out.ExternalLabels) - if in.LogLevel != nil { - in, out := &in.LogLevel, &out.LogLevel - *out = new(string) - **out = **in - } - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.QueryLogFile != nil { - in, out := &in.QueryLogFile, &out.QueryLogFile - *out = new(string) - **out = **in - } - if in.RemoteWrite != nil { - in, out := &in.RemoteWrite, &out.RemoteWrite - *out = make([]RemoteWriteSpec, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = make([]ContainerResource, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Retention != nil { - in, out := &in.Retention, &out.Retention - *out = new(string) - **out = **in - } - if in.RetentionSize != nil { - in, out := &in.RetentionSize, &out.RetentionSize - *out = new(string) - **out = **in - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.TopologySpreadConstraints != nil { - in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]v1.TopologySpreadConstraint, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.VolumeClaimTemplate != nil { - in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate - *out = new(v1.PersistentVolumeClaim) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusK8sConfig. -func (in *PrometheusK8sConfig) DeepCopy() *PrometheusK8sConfig { - if in == nil { - return nil - } - out := new(PrometheusK8sConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PublicKey) DeepCopyInto(out *PublicKey) { *out = *in @@ -1258,6 +1173,27 @@ func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeyReference) DeepCopyInto(out *SecretKeyReference) { + *out = *in + if in.Optional != nil { + in, out := &in.Optional, &out.Optional + *out = new(bool) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeyReference. +func (in *SecretKeyReference) DeepCopy() *SecretKeyReference { + if in == nil { + return nil + } + out := new(SecretKeyReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in diff --git a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml index abe34236459..aee2309385d 100644 --- a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml +++ b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: diff --git a/config/v1alpha1/zz_generated.swagger_doc_generated.go b/config/v1alpha1/zz_generated.swagger_doc_generated.go index c5be8698404..467460c51e1 100644 --- a/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -120,13 +120,13 @@ func (ClusterImagePolicyStatus) SwaggerDoc() map[string]string { var map_AdditionalAlertmanagerConfig = map[string]string{ "": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", - "apiVersion": "apiVersion defines the API version of Alertmanager. `v1` is no longer supported, `v2` is set as the default value.", - "bearerToken": "bearerToken defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.", + "apiVersion": "apiVersion defines the API version of Alertmanager. Allowed values: \"v2\". \"v1\" is no longer supported, \"v2\" is set as the default value.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. This is a custom type to allow for admission time validations.", "pathPrefix": "pathPrefix defines the path prefix to add in front of the push endpoint path.", "scheme": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`.", - "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`.", - "timeout": "timeout defines the timeout value used when sending alerts.", - "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections.", + "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535).", + "timeout": "timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h).", + "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } func (AdditionalAlertmanagerConfig) SwaggerDoc() map[string]string { @@ -221,13 +221,23 @@ func (ContainerResource) SwaggerDoc() map[string]string { var map_ExternalLabels = map[string]string{ "": "ExternalLabels represents labels to be added to time series and alerts.", - "labels": "labels is a map of label names to label values.", + "labels": "labels is a list of label key/value pairs.", } func (ExternalLabels) SwaggerDoc() map[string]string { return map_ExternalLabels } +var map_Label = map[string]string{ + "": "Label represents a key/value pair for external labels.", + "key": "key is the name of the label.", + "value": "value is the value of the label.", +} + +func (Label) SwaggerDoc() map[string]string { + return map_Label +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", @@ -242,28 +252,6 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } -var map_PrometheusK8sConfig = map[string]string{ - "": "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", - "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", - "enforcedBodySizeLimit": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.", - "externalLabels": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", - "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", - "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings.", - "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", - "retention": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is `15d`.", - "retentionSize": "retentionSize defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, `TiB`, `PB`, `PiB`, `EB`, and `EiB`. By default, no limit is defined.", - "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", - "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards.", - "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", -} - -func (PrometheusK8sConfig) SwaggerDoc() map[string]string { - return map_PrometheusK8sConfig -} - var map_RelabelConfig = map[string]string{ "": "RelabelConfig represents a relabeling rule.", "sourceLabels": "sourceLabels is a list of source label names.", @@ -290,6 +278,17 @@ func (RemoteWriteSpec) SwaggerDoc() map[string]string { return map_RemoteWriteSpec } +var map_SecretKeyReference = map[string]string{ + "": "SecretKeyReference represents a reference to a secret key.", + "name": "The name of the secret in the pod's namespace to select from.", + "key": "The key of the secret to select from. Must be a valid secret key.", + "optional": "Specify whether the Secret or its key must be defined", +} + +func (SecretKeyReference) SwaggerDoc() map[string]string { + return map_SecretKeyReference +} + var map_TLSConfig = map[string]string{ "": "TLSConfig represents TLS configuration for Alertmanager connections.", "ca": "ca is the CA certificate to use for TLS connections.", diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 5210ecb57a6..4b573f54c9d 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -451,6 +451,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.InsightsDataGatherList": schema_openshift_api_config_v1alpha1_InsightsDataGatherList(ref), "github.com/openshift/api/config/v1alpha1.InsightsDataGatherSpec": schema_openshift_api_config_v1alpha1_InsightsDataGatherSpec(ref), "github.com/openshift/api/config/v1alpha1.InsightsDataGatherStatus": schema_openshift_api_config_v1alpha1_InsightsDataGatherStatus(ref), + "github.com/openshift/api/config/v1alpha1.Label": schema_openshift_api_config_v1alpha1_Label(ref), "github.com/openshift/api/config/v1alpha1.MetricsServerConfig": schema_openshift_api_config_v1alpha1_MetricsServerConfig(ref), "github.com/openshift/api/config/v1alpha1.PKI": schema_openshift_api_config_v1alpha1_PKI(ref), "github.com/openshift/api/config/v1alpha1.PKICertificateSubject": schema_openshift_api_config_v1alpha1_PKICertificateSubject(ref), @@ -462,16 +463,17 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.PolicyMatchExactRepository": schema_openshift_api_config_v1alpha1_PolicyMatchExactRepository(ref), "github.com/openshift/api/config/v1alpha1.PolicyMatchRemapIdentity": schema_openshift_api_config_v1alpha1_PolicyMatchRemapIdentity(ref), "github.com/openshift/api/config/v1alpha1.PolicyRootOfTrust": schema_openshift_api_config_v1alpha1_PolicyRootOfTrust(ref), - "github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig": schema_openshift_api_config_v1alpha1_PrometheusK8sConfig(ref), "github.com/openshift/api/config/v1alpha1.PublicKey": schema_openshift_api_config_v1alpha1_PublicKey(ref), "github.com/openshift/api/config/v1alpha1.RelabelConfig": schema_openshift_api_config_v1alpha1_RelabelConfig(ref), "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec": schema_openshift_api_config_v1alpha1_RemoteWriteSpec(ref), "github.com/openshift/api/config/v1alpha1.RetentionNumberConfig": schema_openshift_api_config_v1alpha1_RetentionNumberConfig(ref), "github.com/openshift/api/config/v1alpha1.RetentionPolicy": schema_openshift_api_config_v1alpha1_RetentionPolicy(ref), "github.com/openshift/api/config/v1alpha1.RetentionSizeConfig": schema_openshift_api_config_v1alpha1_RetentionSizeConfig(ref), + "github.com/openshift/api/config/v1alpha1.SecretKeyReference": schema_openshift_api_config_v1alpha1_SecretKeyReference(ref), "github.com/openshift/api/config/v1alpha1.Storage": schema_openshift_api_config_v1alpha1_Storage(ref), "github.com/openshift/api/config/v1alpha1.TLSConfig": schema_openshift_api_config_v1alpha1_TLSConfig(ref), "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring": schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref), + "github.com/openshift/api/config/v1alpha1.prometheusK8sConfig": schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref), "github.com/openshift/api/config/v1alpha2.Custom": schema_openshift_api_config_v1alpha2_Custom(ref), "github.com/openshift/api/config/v1alpha2.GatherConfig": schema_openshift_api_config_v1alpha2_GatherConfig(ref), "github.com/openshift/api/config/v1alpha2.GathererConfig": schema_openshift_api_config_v1alpha2_GathererConfig(ref), @@ -21203,15 +21205,15 @@ func schema_openshift_api_config_v1alpha1_AdditionalAlertmanagerConfig(ref commo Properties: map[string]spec.Schema{ "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "apiVersion defines the API version of Alertmanager. `v1` is no longer supported, `v2` is set as the default value.", + Description: "apiVersion defines the API version of Alertmanager. Allowed values: \"v2\". \"v1\" is no longer supported, \"v2\" is set as the default value.", Type: []string{"string"}, Format: "", }, }, "bearerToken": { SchemaProps: spec.SchemaProps{ - Description: "bearerToken defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Description: "bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. This is a custom type to allow for admission time validations.", + Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeyReference"), }, }, "pathPrefix": { @@ -21235,7 +21237,7 @@ func schema_openshift_api_config_v1alpha1_AdditionalAlertmanagerConfig(ref commo }, }, SchemaProps: spec.SchemaProps{ - Description: "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`.", + Description: "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535).", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -21250,23 +21252,23 @@ func schema_openshift_api_config_v1alpha1_AdditionalAlertmanagerConfig(ref commo }, "timeout": { SchemaProps: spec.SchemaProps{ - Description: "timeout defines the timeout value used when sending alerts.", + Description: "timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h).", Type: []string{"string"}, Format: "", }, }, "tlsConfig": { SchemaProps: spec.SchemaProps{ - Description: "tlsConfig defines the TLS settings to use for Alertmanager connections.", + Description: "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", Ref: ref("github.com/openshift/api/config/v1alpha1.TLSConfig"), }, }, }, - Required: []string{"apiVersion"}, + Required: []string{"apiVersion", "scheme", "staticConfigs"}, }, }, Dependencies: []string{ - "github.com/openshift/api/config/v1alpha1.TLSConfig", "k8s.io/api/core/v1.SecretKeySelector"}, + "github.com/openshift/api/config/v1alpha1.SecretKeyReference", "github.com/openshift/api/config/v1alpha1.TLSConfig"}, } } @@ -21888,7 +21890,7 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer SchemaProps: spec.SchemaProps{ Description: "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig"), + Ref: ref("github.com/openshift/api/config/v1alpha1.prometheusK8sConfig"), }, }, "metricsServerConfig": { @@ -21902,7 +21904,7 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer }, }, Dependencies: []string{ - "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.MetricsServerConfig", "github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig", "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring"}, + "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.MetricsServerConfig", "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring", "github.com/openshift/api/config/v1alpha1.prometheusK8sConfig"}, } } @@ -22006,16 +22008,22 @@ func schema_openshift_api_config_v1alpha1_ExternalLabels(ref common.ReferenceCal Type: []string{"object"}, Properties: map[string]spec.Schema{ "labels": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "key", + }, + "x-kubernetes-list-type": "map", + }, + }, SchemaProps: spec.SchemaProps{ - Description: "labels is a map of label names to label values.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, + Description: "labels is a list of label key/value pairs.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.Label"), }, }, }, @@ -22025,6 +22033,8 @@ func schema_openshift_api_config_v1alpha1_ExternalLabels(ref common.ReferenceCal Required: []string{"labels"}, }, }, + Dependencies: []string{ + "github.com/openshift/api/config/v1alpha1.Label"}, } } @@ -22420,6 +22430,36 @@ func schema_openshift_api_config_v1alpha1_InsightsDataGatherStatus(ref common.Re } } +func schema_openshift_api_config_v1alpha1_Label(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Label represents a key/value pair for external labels.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "key": { + SchemaProps: spec.SchemaProps{ + Description: "key is the name of the label.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "value": { + SchemaProps: spec.SchemaProps{ + Description: "value is the value of the label.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"key", "value"}, + }, + }, + } +} + func schema_openshift_api_config_v1alpha1_MetricsServerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -22860,194 +22900,6 @@ func schema_openshift_api_config_v1alpha1_PolicyRootOfTrust(ref common.Reference } } -func schema_openshift_api_config_v1alpha1_PrometheusK8sConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "additionalAlertmanagerConfigs": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig"), - }, - }, - }, - }, - }, - "enforcedBodySizeLimit": { - SchemaProps: spec.SchemaProps{ - Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.", - Type: []string{"string"}, - Format: "", - }, - }, - "externalLabels": { - SchemaProps: spec.SchemaProps{ - Description: "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.ExternalLabels"), - }, - }, - "logLevel": { - SchemaProps: spec.SchemaProps{ - Description: "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - Type: []string{"string"}, - Format: "", - }, - }, - "nodeSelector": { - SchemaProps: spec.SchemaProps{ - Description: "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "queryLogFile": { - SchemaProps: spec.SchemaProps{ - Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", - Type: []string{"string"}, - Format: "", - }, - }, - "remoteWrite": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.RemoteWriteSpec"), - }, - }, - }, - }, - }, - "resources": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "name", - }, - "x-kubernetes-list-type": "map", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.ContainerResource"), - }, - }, - }, - }, - }, - "retention": { - SchemaProps: spec.SchemaProps{ - Description: "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is `15d`.", - Type: []string{"string"}, - Format: "", - }, - }, - "retentionSize": { - SchemaProps: spec.SchemaProps{ - Description: "retentionSize defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, `TiB`, `PB`, `PiB`, `EB`, and `EiB`. By default, no limit is defined.", - Type: []string{"string"}, - Format: "", - }, - }, - "tolerations": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), - }, - }, - }, - }, - }, - "topologySpreadConstraints": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "topologyKey", - "whenUnsatisfiable", - }, - "x-kubernetes-list-type": "map", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), - }, - }, - }, - }, - }, - "collectionProfile": { - SchemaProps: spec.SchemaProps{ - Description: "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards.", - Type: []string{"string"}, - Format: "", - }, - }, - "volumeClaimTemplate": { - SchemaProps: spec.SchemaProps{ - Description: "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.ContainerResource", "github.com/openshift/api/config/v1alpha1.ExternalLabels", "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec", "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint"}, - } -} - func schema_openshift_api_config_v1alpha1_PublicKey(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -23294,6 +23146,43 @@ func schema_openshift_api_config_v1alpha1_RetentionSizeConfig(ref common.Referen } } +func schema_openshift_api_config_v1alpha1_SecretKeyReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "SecretKeyReference represents a reference to a secret key.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "The name of the secret in the pod's namespace to select from.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key of the secret to select from. Must be a valid secret key.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the Secret or its key must be defined", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"name", "key"}, + }, + }, + } +} + func schema_openshift_api_config_v1alpha1_Storage(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -23394,6 +23283,194 @@ func schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref common.Refer } } +func schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "prometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "additionalAlertmanagerConfigs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig"), + }, + }, + }, + }, + }, + "enforcedBodySizeLimit": { + SchemaProps: spec.SchemaProps{ + Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. Minimum length for this list is 1 Maximum length for this list is 50.", + Type: []string{"string"}, + Format: "", + }, + }, + "externalLabels": { + SchemaProps: spec.SchemaProps{ + Description: "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.ExternalLabels"), + }, + }, + "logLevel": { + SchemaProps: spec.SchemaProps{ + Description: "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + Type: []string{"string"}, + Format: "", + }, + }, + "nodeSelector": { + SchemaProps: spec.SchemaProps{ + Description: "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "queryLogFile": { + SchemaProps: spec.SchemaProps{ + Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + Type: []string{"string"}, + Format: "", + }, + }, + "remoteWrite": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. remoteWrite supports a maximum of 10 items in the list.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.RemoteWriteSpec"), + }, + }, + }, + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.ContainerResource"), + }, + }, + }, + }, + }, + "retention": { + SchemaProps: spec.SchemaProps{ + Description: "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", + Type: []string{"string"}, + Format: "", + }, + }, + "retentionSize": { + SchemaProps: spec.SchemaProps{ + Description: "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", + Type: []string{"string"}, + Format: "", + }, + }, + "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.Toleration"), + }, + }, + }, + }, + }, + "topologySpreadConstraints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "topologyKey", + "whenUnsatisfiable", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + }, + }, + }, + }, + }, + "collectionProfile": { + SchemaProps: spec.SchemaProps{ + Description: "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", + Type: []string{"string"}, + Format: "", + }, + }, + "volumeClaimTemplate": { + SchemaProps: spec.SchemaProps{ + Description: "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", + Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.ContainerResource", "github.com/openshift/api/config/v1alpha1.ExternalLabels", "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec", "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint"}, + } +} + func schema_openshift_api_config_v1alpha2_Custom(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/openapi/openapi.json b/openapi/openapi.json index fe2b8f0a7d3..60bf56ac5c2 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -11533,16 +11533,18 @@ "description": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", "type": "object", "required": [ - "apiVersion" + "apiVersion", + "scheme", + "staticConfigs" ], "properties": { "apiVersion": { - "description": "apiVersion defines the API version of Alertmanager. `v1` is no longer supported, `v2` is set as the default value.", + "description": "apiVersion defines the API version of Alertmanager. Allowed values: \"v2\". \"v1\" is no longer supported, \"v2\" is set as the default value.", "type": "string" }, "bearerToken": { - "description": "bearerToken defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + "description": "bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. This is a custom type to allow for admission time validations.", + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeyReference" }, "pathPrefix": { "description": "pathPrefix defines the path prefix to add in front of the push endpoint path.", @@ -11553,7 +11555,7 @@ "type": "string" }, "staticConfigs": { - "description": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`.", + "description": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535).", "type": "array", "items": { "type": "string", @@ -11562,11 +11564,11 @@ "x-kubernetes-list-type": "set" }, "timeout": { - "description": "timeout defines the timeout value used when sending alerts.", + "description": "timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h).", "type": "string" }, "tlsConfig": { - "description": "tlsConfig defines the TLS settings to use for Alertmanager connections.", + "description": "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.TLSConfig" } } @@ -11924,7 +11926,7 @@ "prometheusK8sConfig": { "description": "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PrometheusK8sConfig" + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.prometheusK8sConfig" }, "userDefined": { "description": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", @@ -11992,12 +11994,16 @@ ], "properties": { "labels": { - "description": "labels is a map of label names to label values.", - "type": "object", - "additionalProperties": { - "type": "string", - "default": "" - } + "description": "labels is a list of label key/value pairs.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.Label" + }, + "x-kubernetes-list-map-keys": [ + "key" + ], + "x-kubernetes-list-type": "map" } } }, @@ -12227,6 +12233,26 @@ "com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus": { "type": "object" }, + "com.github.openshift.api.config.v1alpha1.Label": { + "description": "Label represents a key/value pair for external labels.", + "type": "object", + "required": [ + "key", + "value" + ], + "properties": { + "key": { + "description": "key is the name of the label.", + "type": "string", + "default": "" + }, + "value": { + "description": "value is the value of the label.", + "type": "string", + "default": "" + } + } + }, "com.github.openshift.api.config.v1alpha1.MetricsServerConfig": { "description": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "type": "object", @@ -12493,105 +12519,6 @@ } ] }, - "com.github.openshift.api.config.v1alpha1.PrometheusK8sConfig": { - "description": "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", - "type": "object", - "properties": { - "additionalAlertmanagerConfigs": { - "description": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig" - }, - "x-kubernetes-list-type": "atomic" - }, - "collectionProfile": { - "description": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards.", - "type": "string" - }, - "enforcedBodySizeLimit": { - "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.", - "type": "string" - }, - "externalLabels": { - "description": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ExternalLabels" - }, - "logLevel": { - "description": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - "type": "string" - }, - "nodeSelector": { - "description": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - "type": "object", - "additionalProperties": { - "type": "string", - "default": "" - } - }, - "queryLogFile": { - "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", - "type": "string" - }, - "remoteWrite": { - "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.RemoteWriteSpec" - }, - "x-kubernetes-list-type": "atomic" - }, - "resources": { - "description": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ContainerResource" - }, - "x-kubernetes-list-map-keys": [ - "name" - ], - "x-kubernetes-list-type": "map" - }, - "retention": { - "description": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is `15d`.", - "type": "string" - }, - "retentionSize": { - "description": "retentionSize defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, `TiB`, `PB`, `PiB`, `EB`, and `EiB`. By default, no limit is defined.", - "type": "string" - }, - "tolerations": { - "description": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" - }, - "x-kubernetes-list-type": "atomic" - }, - "topologySpreadConstraints": { - "description": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/io.k8s.api.core.v1.TopologySpreadConstraint" - }, - "x-kubernetes-list-map-keys": [ - "topologyKey", - "whenUnsatisfiable" - ], - "x-kubernetes-list-type": "map" - }, - "volumeClaimTemplate": { - "description": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - } - }, "com.github.openshift.api.config.v1alpha1.PublicKey": { "description": "PublicKey defines the root of trust based on a sigstore public key.", "type": "object", @@ -12741,6 +12668,30 @@ } } }, + "com.github.openshift.api.config.v1alpha1.SecretKeyReference": { + "description": "SecretKeyReference represents a reference to a secret key.", + "type": "object", + "required": [ + "name", + "key" + ], + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string", + "default": "" + }, + "name": { + "description": "The name of the secret in the pod's namespace to select from.", + "type": "string", + "default": "" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + } + }, "com.github.openshift.api.config.v1alpha1.Storage": { "description": "storage provides persistent storage configuration options for gathering jobs. If the type is set to PersistentVolume, then the PersistentVolume must be defined. If the type is set to Ephemeral, then the PersistentVolume must not be defined.", "type": "object", @@ -12803,6 +12754,105 @@ } } }, + "com.github.openshift.api.config.v1alpha1.prometheusK8sConfig": { + "description": "prometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "type": "object", + "properties": { + "additionalAlertmanagerConfigs": { + "description": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig" + }, + "x-kubernetes-list-type": "map" + }, + "collectionProfile": { + "description": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", + "type": "string" + }, + "enforcedBodySizeLimit": { + "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. Minimum length for this list is 1 Maximum length for this list is 50.", + "type": "string" + }, + "externalLabels": { + "description": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ExternalLabels" + }, + "logLevel": { + "description": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "type": "string" + }, + "nodeSelector": { + "description": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, + "queryLogFile": { + "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + "type": "string" + }, + "remoteWrite": { + "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. remoteWrite supports a maximum of 10 items in the list.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.RemoteWriteSpec" + }, + "x-kubernetes-list-type": "map" + }, + "resources": { + "description": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ContainerResource" + }, + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "retention": { + "description": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", + "type": "string" + }, + "retentionSize": { + "description": "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", + "type": "string" + }, + "tolerations": { + "description": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" + }, + "x-kubernetes-list-type": "atomic" + }, + "topologySpreadConstraints": { + "description": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/io.k8s.api.core.v1.TopologySpreadConstraint" + }, + "x-kubernetes-list-map-keys": [ + "topologyKey", + "whenUnsatisfiable" + ], + "x-kubernetes-list-type": "map" + }, + "volumeClaimTemplate": { + "description": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + } + }, "com.github.openshift.api.config.v1alpha2.Custom": { "description": "custom provides the custom configuration of gatherers", "type": "object", diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index 84bf6fa9f0f..abfe382f0ff 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index 8b3f6f17bb1..c75d35066bc 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index 32bddd337aa..baacd020e9f 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1309,26 +1309,23 @@ spec: apiVersion: description: |- apiVersion defines the API version of Alertmanager. - `v1` is no longer supported, `v2` is set as the default value. - maxLength: 10 + Allowed values: "v2". "v1" is no longer supported, "v2" is set as the default value. + enum: + - v2 type: string bearerToken: description: |- - bearerToken defines the secret key reference containing the bearer token + bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. + This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: The key of the secret to select from. Must be a valid secret key. type: string name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: The name of the secret in the pod's namespace + to select from. type: string optional: description: Specify whether the Secret or its key must @@ -1336,38 +1333,45 @@ spec: type: boolean required: - key + - name type: object - x-kubernetes-map-type: atomic pathPrefix: description: pathPrefix defines the path prefix to add in front of the push endpoint path. maxLength: 255 + minLength: 1 type: string scheme: description: |- scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `http` or `https`. The default value is `http`. - maxLength: 10 + enum: + - http + - https type: string staticConfigs: description: |- staticConfigs is a list of statically configured Alertmanager endpoints in the form - of `:`. + of `:`. Each entry must be a valid hostname or IP address followed by a colon and a valid port number (1-65535). items: maxLength: 255 + pattern: ^([a-zA-Z0-9.-]+|\[[a-fA-F0-9:]+\]):([1-9][0-9]{0,4})$ type: string maxItems: 10 type: array x-kubernetes-list-type: set timeout: - description: timeout defines the timeout value used when - sending alerts. - maxLength: 20 + description: |- + timeout defines the timeout value used when sending alerts. + The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string tlsConfig: - description: tlsConfig defines the TLS settings to use for - Alertmanager connections. + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. properties: ca: description: ca is the CA certificate to use for TLS @@ -1458,10 +1462,12 @@ spec: type: object required: - apiVersion + - scheme + - staticConfigs type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map collectionProfile: description: |- collectionProfile defines the metrics collection profile that Prometheus uses to collect @@ -1470,6 +1476,8 @@ spec: metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `full`. enum: - full - minimal @@ -1483,8 +1491,11 @@ spec: a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. - The default value is empty, which indicates no limit. + To specify no limit, omit this field. + Minimum length for this list is 1 + Maximum length for this list is 50. maxLength: 50 + minLength: 1 type: string externalLabels: description: |- @@ -1493,16 +1504,37 @@ spec: and Alertmanager. By default, no labels are added. properties: labels: - additionalProperties: - type: string - description: labels is a map of label names to label values. - type: object + description: labels is a list of label key/value pairs. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: key is the name of the label. + maxLength: 63 + minLength: 1 + type: string + value: + description: value is the value of the label. + maxLength: 63 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map required: - labels type: object logLevel: description: |- - logLevel defines the verbosity of logs emitted by Prometheus. + logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. @@ -1512,7 +1544,11 @@ spec: When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`. - maxLength: 10 + enum: + - Error + - Warn + - Info + - Debug type: string nodeSelector: additionalProperties: @@ -1539,11 +1575,13 @@ spec: also not supported. By default, PromQL queries are not logged. maxLength: 255 + minLength: 1 type: string remoteWrite: description: |- remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote write endpoints. @@ -1608,7 +1646,7 @@ spec: type: object maxItems: 10 type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: map resources: description: |- resources defines the compute resource requests and limits for the Prometheus container. @@ -1696,16 +1734,18 @@ spec: This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults, which are subject to change over time. The default value is `15d`. maxLength: 20 + minLength: 1 type: string retentionSize: description: |- - retentionSize defines the maximum amount of disk space used by data blocks plus the - write-ahead log (WAL). - Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`, - `TiB`, `PB`, `PiB`, `EB`, and `EiB`. - By default, no limit is defined. + retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). + Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 type: string tolerations: From a81fca7abef1d47477a5c7a45d8141c2ad2d3ab1 Mon Sep 17 00:00:00 2001 From: Mario Fernandez Date: Mon, 22 Sep 2025 12:09:02 +0200 Subject: [PATCH 3/5] add suggestions Signed-off-by: Mario Fernandez --- config/v1alpha1/types_cluster_monitoring.go | 123 +++++++++++++++--- ...clustermonitoring-CustomNoUpgrade.crd.yaml | 92 +++++++++---- ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 92 +++++++++---- ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 92 +++++++++---- config/v1alpha1/zz_generated.deepcopy.go | 44 ++++++- .../ClusterMonitoringConfig.yaml | 92 +++++++++---- .../zz_generated.swagger_doc_generated.go | 31 ++++- .../generated_openapi/zz_generated.openapi.go | 96 ++++++++++++-- openapi/openapi.json | 60 +++++++-- ...clustermonitoring-CustomNoUpgrade.crd.yaml | 92 +++++++++---- ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 92 +++++++++---- ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 92 +++++++++---- 12 files changed, 747 insertions(+), 251 deletions(-) diff --git a/config/v1alpha1/types_cluster_monitoring.go b/config/v1alpha1/types_cluster_monitoring.go index 143be3577af..38abef5335e 100644 --- a/config/v1alpha1/types_cluster_monitoring.go +++ b/config/v1alpha1/types_cluster_monitoring.go @@ -89,10 +89,28 @@ type ClusterMonitoringSpec struct { // The current default value is `DefaultConfig`. // +optional AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"` - // prometheusK8sConfig provides configuration options for the Prometheus instance - // Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - // prometheusK8sConfig is optional. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + // By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + // + // This field allows you to customize how Prometheus is deployed and operated, including: + // - Deployment settings (such as replica count and update strategy) + // - Pod scheduling (node selectors, tolerations, affinity) + // - Resource allocation (CPU, memory, and storage requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write/read, alerting, and scraping configuration) + // + // Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + // - Ensuring high availability and reliability of monitoring data + // - Managing resource usage to fit your infrastructure + // - Controlling how long metrics are retained for compliance or troubleshooting + // - Integrating with external systems for alerting or long-term storage + // - Adjusting scraping and relabeling to match your workloads and security requirements + // + // For more information on Prometheus configuration, see: + // https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + // https://prometheus.io/docs/prometheus/latest/storage/ + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. // +optional PrometheusK8sConfig prometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. @@ -437,14 +455,16 @@ type prometheusK8sConfig struct { // target's body response is larger than the limit, the scrape will fail. // The following values are valid: // an empty value to specify no limit, - // a numeric value in Prometheus size format (such as `64MB`), or - // the string `automatic`, which indicates that the limit will be + // a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + // or the string `automatic`, which indicates that the limit will be // automatically calculated based on cluster capacity. // To specify no limit, omit this field. + // The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ // Minimum length for this list is 1 // Maximum length for this list is 50. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=50 + // +kubebuilder:validation:Pattern=`^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$` // +optional EnforcedBodySizeLimit *string `json:"enforcedBodySizeLimit,omitempty"` // externalLabels defines labels to be added to any time series or alerts when @@ -483,16 +503,19 @@ type prometheusK8sConfig struct { // writing to any other `/dev/` path is not supported. Relative paths are // also not supported. // By default, PromQL queries are not logged. + // The value must be a valid filename. // +optional // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:Pattern=`^[a-zA-Z0-9_\-\./]+$` QueryLogFile *string `json:"queryLogFile,omitempty"` - // remoteWrite defines the remote write configuration, including URL, authentication, - // and relabeling settings. - // +optional + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + // For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write // remoteWrite supports a maximum of 10 items in the list. // +kubebuilder:validation:MaxItems=10 // +listType=map + // +optional RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` // resources defines the compute resource requests and limits for the Prometheus container. // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. @@ -523,16 +546,18 @@ type prometheusK8sConfig struct { // When omitted, this means the user has no opinion and the platform is left // to choose reasonable defaults, which are subject to change over time. // The default value is `15d`. - // +optional // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:Pattern=`^[0-9]+(ms|s|m|h|d|w|y)$` + // +optional Retention *string `json:"retention,omitempty"` // retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). // Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. - // +optional // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:Pattern=`^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$` + // +optional RetentionSize *string `json:"retentionSize,omitempty"` // tolerations defines tolerations for the pods. // tolerations is optional. @@ -687,14 +712,20 @@ type RemoteWriteSpec struct { // url is the URL of the remote write endpoint. // +required // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https?://[^\s]+$` URL *string `json:"url,omitempty"` // name is the name of the remote write configuration. // +optional // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:Pattern=`^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$` Name *string `json:"name,omitempty"` // remoteTimeout is the timeout for requests to the remote write endpoint. + // When omitted, the default is 30s. // +optional // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:Pattern=`^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$` + // +kubebuilder:validation:MinLength=2 RemoteTimeout *string `json:"remoteTimeout,omitempty"` // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. // +optional @@ -705,7 +736,11 @@ type RemoteWriteSpec struct { // RelabelConfig represents a relabeling rule. type RelabelConfig struct { - // sourceLabels is a list of source label names. + // sourceLabels specifies which labels to extract from each series for this relabeling rule. + // If a label does not exist, an empty string ("") is used in its place. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression for + // the replace, keep, or drop actions. // +optional // +kubebuilder:validation:MaxItems=10 // +kubebuilder:validation:items:MaxLength=63 @@ -723,7 +758,8 @@ type RelabelConfig struct { // +optional // +kubebuilder:validation:MaxLength=63 TargetLabel *string `json:"targetLabel,omitempty"` - // replacement is the replacement value for the target label. + // replacement is the value against which a regex replace is performed if the + // regular expression matches. Regex capture groups are available. // +optional // +kubebuilder:validation:MaxLength=255 Replacement *string `json:"replacement,omitempty"` @@ -737,33 +773,78 @@ type RelabelConfig struct { type TLSConfig struct { // ca is the CA certificate to use for TLS connections. // +optional - CA *v1.SecretKeySelector `json:"ca,omitempty"` + CA *SecretKeySelector `json:"ca,omitempty"` // cert is the client certificate to use for TLS connections. // +optional - Cert *v1.SecretKeySelector `json:"cert,omitempty"` + Cert *SecretKeySelector `json:"cert,omitempty"` // key is the client key to use for TLS connections. // +optional - Key *v1.SecretKeySelector `json:"key,omitempty"` + Key *SecretKeySelector `json:"key,omitempty"` // serverName is the server name to use for TLS connections. + // If specified, must be a valid DNS subdomain as per RFC 1123. // +optional + // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$` ServerName *string `json:"serverName,omitempty"` - // insecureSkipVerify determines whether to skip TLS certificate verification. + // verificationPolicy determines the policy for TLS certificate verification. + // Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + // By default, certificate verification is performed ("Verify"). // +optional - // +kubebuilder:validation:Enum=true;false + // +kubebuilder:validation:Enum=Verify;InsecureSkipVerify + // +kubebuilder:default=Verify InsecureSkipVerify string `json:"insecureSkipVerify,omitempty"` } +// LocalObjectReference contains enough information to let you locate the +// referenced object inside the same namespace. +// --- +// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. +// 1. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular +// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". +// Those cannot be well described when embedded. +// 2. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. +// 3. We cannot easily change it. Because this type is embedded in many locations, updates to this type +// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. +// +// Instead of using this type, create a locally provided and used type that is well-focused on your reference. +// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . +// +structType=atomic +type LocalObjectReference struct { + // Name of the referent. + // This field is effectively required, but due to backwards compatibility is + // allowed to be empty. Instances of this type with an empty value here are + // almost certainly wrong. + // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + // +optional + // +default="" + // +kubebuilder:default="" + // TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` +} + +// SecretKeySelector selects a key of a Secret. +// +structType=atomic +type SecretKeySelector struct { + // The name of the secret in the pod's namespace to select from. + LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` + // The key of the secret to select from. Must be a valid secret key. + Key string `json:"key" protobuf:"bytes,2,opt,name=key"` + // Specify whether the Secret or its key must be defined + // +optional + Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` +} + // CollectionProfile defines the metrics collection profile for Prometheus. -// +kubebuilder:validation:Enum=full;minimal +// +kubebuilder:validation:Enum=Full;Minimal type CollectionProfile string const ( // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components. - CollectionProfileFull CollectionProfile = "full" + CollectionProfileFull CollectionProfile = "Full" // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default // platform alerts, recording rules, telemetry and console dashboards. - CollectionProfileMinimal CollectionProfile = "minimal" + CollectionProfileMinimal CollectionProfile = "Minimal" ) // AuditProfile defines the audit log level for the Metrics Server. diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index abfe382f0ff..e527fec32e2 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index c75d35066bc..68302fb891d 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index baacd020e9f..4fdbef2a285 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index a230f710075..e69f4f651fe 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -761,6 +761,22 @@ func (in *Label) DeepCopy() *Label { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocalObjectReference) DeepCopyInto(out *LocalObjectReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalObjectReference. +func (in *LocalObjectReference) DeepCopy() *LocalObjectReference { + if in == nil { + return nil + } + out := new(LocalObjectReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { *out = *in @@ -1194,6 +1210,28 @@ func (in *SecretKeyReference) DeepCopy() *SecretKeyReference { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { + *out = *in + out.LocalObjectReference = in.LocalObjectReference + if in.Optional != nil { + in, out := &in.Optional, &out.Optional + *out = new(bool) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. +func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { + if in == nil { + return nil + } + out := new(SecretKeySelector) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in @@ -1220,17 +1258,17 @@ func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { *out = *in if in.CA != nil { in, out := &in.CA, &out.CA - *out = new(v1.SecretKeySelector) + *out = new(SecretKeySelector) (*in).DeepCopyInto(*out) } if in.Cert != nil { in, out := &in.Cert, &out.Cert - *out = new(v1.SecretKeySelector) + *out = new(SecretKeySelector) (*in).DeepCopyInto(*out) } if in.Key != nil { in, out := &in.Key, &out.Key - *out = new(v1.SecretKeySelector) + *out = new(SecretKeySelector) (*in).DeepCopyInto(*out) } if in.ServerName != nil { diff --git a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml index aee2309385d..8589a75a922 100644 --- a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml +++ b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- diff --git a/config/v1alpha1/zz_generated.swagger_doc_generated.go b/config/v1alpha1/zz_generated.swagger_doc_generated.go index 467460c51e1..0b38a5b93fa 100644 --- a/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -192,7 +192,7 @@ var map_ClusterMonitoringSpec = map[string]string{ "": "ClusterMonitoringSpec defines the desired state of Cluster Monitoring Operator", "userDefined": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "alertmanagerConfig": "alertmanagerConfig allows users to configure how the default Alertmanager instance should be deployed in the `openshift-monitoring` namespace. alertmanagerConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `DefaultConfig`.", - "prometheusK8sConfig": "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "prometheusK8sConfig": "prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform.\n\nThis field allows you to customize how Prometheus is deployed and operated, including:\n - Deployment settings (such as replica count and update strategy)\n - Pod scheduling (node selectors, tolerations, affinity)\n - Resource allocation (CPU, memory, and storage requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write/read, alerting, and scraping configuration)\n\nConfiguring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as:\n - Ensuring high availability and reliability of monitoring data\n - Managing resource usage to fit your infrastructure\n - Controlling how long metrics are retained for compliance or troubleshooting\n - Integrating with external systems for alerting or long-term storage\n - Adjusting scraping and relabeling to match your workloads and security requirements\n\nFor more information on Prometheus configuration, see:\n https://prometheus.io/docs/prometheus/latest/configuration/configuration/\n https://prometheus.io/docs/prometheus/latest/storage/\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "metricsServerConfig": "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } @@ -238,6 +238,15 @@ func (Label) SwaggerDoc() map[string]string { return map_Label } +var map_LocalObjectReference = map[string]string{ + "": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "name": "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", +} + +func (LocalObjectReference) SwaggerDoc() map[string]string { + return map_LocalObjectReference +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", @@ -254,11 +263,11 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { var map_RelabelConfig = map[string]string{ "": "RelabelConfig represents a relabeling rule.", - "sourceLabels": "sourceLabels is a list of source label names.", + "sourceLabels": "sourceLabels specifies which labels to extract from each series for this relabeling rule. If a label does not exist, an empty string (\"\") is used in its place. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression for the replace, keep, or drop actions.", "separator": "separator is the separator used to join source label values.", "regex": "regex is the regular expression to match against the concatenated source label values.", "targetLabel": "targetLabel is the target label name.", - "replacement": "replacement is the replacement value for the target label.", + "replacement": "replacement is the value against which a regex replace is performed if the regular expression matches. Regex capture groups are available.", "action": "action is the action to perform.", } @@ -270,7 +279,7 @@ var map_RemoteWriteSpec = map[string]string{ "": "RemoteWriteSpec represents configuration for remote write endpoints.", "url": "url is the URL of the remote write endpoint.", "name": "name is the name of the remote write configuration.", - "remoteTimeout": "remoteTimeout is the timeout for requests to the remote write endpoint.", + "remoteTimeout": "remoteTimeout is the timeout for requests to the remote write endpoint. When omitted, the default is 30s.", "writeRelabelConfigs": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint.", } @@ -289,13 +298,23 @@ func (SecretKeyReference) SwaggerDoc() map[string]string { return map_SecretKeyReference } +var map_SecretKeySelector = map[string]string{ + "": "SecretKeySelector selects a key of a Secret.", + "key": "The key of the secret to select from. Must be a valid secret key.", + "optional": "Specify whether the Secret or its key must be defined", +} + +func (SecretKeySelector) SwaggerDoc() map[string]string { + return map_SecretKeySelector +} + var map_TLSConfig = map[string]string{ "": "TLSConfig represents TLS configuration for Alertmanager connections.", "ca": "ca is the CA certificate to use for TLS connections.", "cert": "cert is the client certificate to use for TLS connections.", "key": "key is the client key to use for TLS connections.", - "serverName": "serverName is the server name to use for TLS connections.", - "insecureSkipVerify": "insecureSkipVerify determines whether to skip TLS certificate verification.", + "serverName": "serverName is the server name to use for TLS connections. If specified, must be a valid DNS subdomain as per RFC 1123.", + "insecureSkipVerify": "verificationPolicy determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", } func (TLSConfig) SwaggerDoc() map[string]string { diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 4b573f54c9d..65e01cfe9f9 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -452,6 +452,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.InsightsDataGatherSpec": schema_openshift_api_config_v1alpha1_InsightsDataGatherSpec(ref), "github.com/openshift/api/config/v1alpha1.InsightsDataGatherStatus": schema_openshift_api_config_v1alpha1_InsightsDataGatherStatus(ref), "github.com/openshift/api/config/v1alpha1.Label": schema_openshift_api_config_v1alpha1_Label(ref), + "github.com/openshift/api/config/v1alpha1.LocalObjectReference": schema_openshift_api_config_v1alpha1_LocalObjectReference(ref), "github.com/openshift/api/config/v1alpha1.MetricsServerConfig": schema_openshift_api_config_v1alpha1_MetricsServerConfig(ref), "github.com/openshift/api/config/v1alpha1.PKI": schema_openshift_api_config_v1alpha1_PKI(ref), "github.com/openshift/api/config/v1alpha1.PKICertificateSubject": schema_openshift_api_config_v1alpha1_PKICertificateSubject(ref), @@ -470,6 +471,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.RetentionPolicy": schema_openshift_api_config_v1alpha1_RetentionPolicy(ref), "github.com/openshift/api/config/v1alpha1.RetentionSizeConfig": schema_openshift_api_config_v1alpha1_RetentionSizeConfig(ref), "github.com/openshift/api/config/v1alpha1.SecretKeyReference": schema_openshift_api_config_v1alpha1_SecretKeyReference(ref), + "github.com/openshift/api/config/v1alpha1.SecretKeySelector": schema_openshift_api_config_v1alpha1_SecretKeySelector(ref), "github.com/openshift/api/config/v1alpha1.Storage": schema_openshift_api_config_v1alpha1_Storage(ref), "github.com/openshift/api/config/v1alpha1.TLSConfig": schema_openshift_api_config_v1alpha1_TLSConfig(ref), "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring": schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref), @@ -21888,7 +21890,7 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer }, "prometheusK8sConfig": { SchemaProps: spec.SchemaProps{ - Description: "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + Description: "prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform.\n\nThis field allows you to customize how Prometheus is deployed and operated, including:\n - Deployment settings (such as replica count and update strategy)\n - Pod scheduling (node selectors, tolerations, affinity)\n - Resource allocation (CPU, memory, and storage requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write/read, alerting, and scraping configuration)\n\nConfiguring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as:\n - Ensuring high availability and reliability of monitoring data\n - Managing resource usage to fit your infrastructure\n - Controlling how long metrics are retained for compliance or troubleshooting\n - Integrating with external systems for alerting or long-term storage\n - Adjusting scraping and relabeling to match your workloads and security requirements\n\nFor more information on Prometheus configuration, see:\n https://prometheus.io/docs/prometheus/latest/configuration/configuration/\n https://prometheus.io/docs/prometheus/latest/storage/\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", Default: map[string]interface{}{}, Ref: ref("github.com/openshift/api/config/v1alpha1.prometheusK8sConfig"), }, @@ -22460,6 +22462,32 @@ func schema_openshift_api_config_v1alpha1_Label(ref common.ReferenceCallback) co } } +func schema_openshift_api_config_v1alpha1_LocalObjectReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_openshift_api_config_v1alpha1_MetricsServerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -22942,7 +22970,7 @@ func schema_openshift_api_config_v1alpha1_RelabelConfig(ref common.ReferenceCall }, }, SchemaProps: spec.SchemaProps{ - Description: "sourceLabels is a list of source label names.", + Description: "sourceLabels specifies which labels to extract from each series for this relabeling rule. If a label does not exist, an empty string (\"\") is used in its place. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression for the replace, keep, or drop actions.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -22978,7 +23006,7 @@ func schema_openshift_api_config_v1alpha1_RelabelConfig(ref common.ReferenceCall }, "replacement": { SchemaProps: spec.SchemaProps{ - Description: "replacement is the replacement value for the target label.", + Description: "replacement is the value against which a regex replace is performed if the regular expression matches. Regex capture groups are available.", Type: []string{"string"}, Format: "", }, @@ -23019,7 +23047,7 @@ func schema_openshift_api_config_v1alpha1_RemoteWriteSpec(ref common.ReferenceCa }, "remoteTimeout": { SchemaProps: spec.SchemaProps{ - Description: "remoteTimeout is the timeout for requests to the remote write endpoint.", + Description: "remoteTimeout is the timeout for requests to the remote write endpoint. When omitted, the default is 30s.", Type: []string{"string"}, Format: "", }, @@ -23183,6 +23211,48 @@ func schema_openshift_api_config_v1alpha1_SecretKeyReference(ref common.Referenc } } +func schema_openshift_api_config_v1alpha1_SecretKeySelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "SecretKeySelector selects a key of a Secret.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "key": { + SchemaProps: spec.SchemaProps{ + Description: "The key of the secret to select from. Must be a valid secret key.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "optional": { + SchemaProps: spec.SchemaProps{ + Description: "Specify whether the Secret or its key must be defined", + Type: []string{"boolean"}, + Format: "", + }, + }, + }, + Required: []string{"key"}, + }, + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-map-type": "atomic", + }, + }, + }, + } +} + func schema_openshift_api_config_v1alpha1_Storage(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -23223,31 +23293,31 @@ func schema_openshift_api_config_v1alpha1_TLSConfig(ref common.ReferenceCallback "ca": { SchemaProps: spec.SchemaProps{ Description: "ca is the CA certificate to use for TLS connections.", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeySelector"), }, }, "cert": { SchemaProps: spec.SchemaProps{ Description: "cert is the client certificate to use for TLS connections.", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeySelector"), }, }, "key": { SchemaProps: spec.SchemaProps{ Description: "key is the client key to use for TLS connections.", - Ref: ref("k8s.io/api/core/v1.SecretKeySelector"), + Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeySelector"), }, }, "serverName": { SchemaProps: spec.SchemaProps{ - Description: "serverName is the server name to use for TLS connections.", + Description: "serverName is the server name to use for TLS connections. If specified, must be a valid DNS subdomain as per RFC 1123.", Type: []string{"string"}, Format: "", }, }, "insecureSkipVerify": { SchemaProps: spec.SchemaProps{ - Description: "insecureSkipVerify determines whether to skip TLS certificate verification.", + Description: "verificationPolicy determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", Type: []string{"string"}, Format: "", }, @@ -23256,7 +23326,7 @@ func schema_openshift_api_config_v1alpha1_TLSConfig(ref common.ReferenceCallback }, }, Dependencies: []string{ - "k8s.io/api/core/v1.SecretKeySelector"}, + "github.com/openshift/api/config/v1alpha1.SecretKeySelector"}, } } @@ -23311,7 +23381,7 @@ func schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref common.Referen }, "enforcedBodySizeLimit": { SchemaProps: spec.SchemaProps{ - Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. Minimum length for this list is 1 Maximum length for this list is 50.", + Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", Type: []string{"string"}, Format: "", }, @@ -23348,7 +23418,7 @@ func schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref common.Referen }, "queryLogFile": { SchemaProps: spec.SchemaProps{ - Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", Type: []string{"string"}, Format: "", }, @@ -23360,7 +23430,7 @@ func schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref common.Referen }, }, SchemaProps: spec.SchemaProps{ - Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. remoteWrite supports a maximum of 10 items in the list.", + Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ diff --git a/openapi/openapi.json b/openapi/openapi.json index 60bf56ac5c2..543847489ed 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -11924,7 +11924,7 @@ "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.MetricsServerConfig" }, "prometheusK8sConfig": { - "description": "prometheusK8sConfig provides configuration options for the Prometheus instance Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. prometheusK8sConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "description": "prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform.\n\nThis field allows you to customize how Prometheus is deployed and operated, including:\n - Deployment settings (such as replica count and update strategy)\n - Pod scheduling (node selectors, tolerations, affinity)\n - Resource allocation (CPU, memory, and storage requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write/read, alerting, and scraping configuration)\n\nConfiguring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as:\n - Ensuring high availability and reliability of monitoring data\n - Managing resource usage to fit your infrastructure\n - Controlling how long metrics are retained for compliance or troubleshooting\n - Integrating with external systems for alerting or long-term storage\n - Adjusting scraping and relabeling to match your workloads and security requirements\n\nFor more information on Prometheus configuration, see:\n https://prometheus.io/docs/prometheus/latest/configuration/configuration/\n https://prometheus.io/docs/prometheus/latest/storage/\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.prometheusK8sConfig" }, @@ -12253,6 +12253,18 @@ } } }, + "com.github.openshift.api.config.v1alpha1.LocalObjectReference": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "type": "object", + "properties": { + "name": { + "description": "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string", + "default": "" + } + }, + "x-kubernetes-map-type": "atomic" + }, "com.github.openshift.api.config.v1alpha1.MetricsServerConfig": { "description": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "type": "object", @@ -12551,7 +12563,7 @@ "type": "string" }, "replacement": { - "description": "replacement is the replacement value for the target label.", + "description": "replacement is the value against which a regex replace is performed if the regular expression matches. Regex capture groups are available.", "type": "string" }, "separator": { @@ -12559,7 +12571,7 @@ "type": "string" }, "sourceLabels": { - "description": "sourceLabels is a list of source label names.", + "description": "sourceLabels specifies which labels to extract from each series for this relabeling rule. If a label does not exist, an empty string (\"\") is used in its place. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression for the replace, keep, or drop actions.", "type": "array", "items": { "type": "string", @@ -12585,7 +12597,7 @@ "type": "string" }, "remoteTimeout": { - "description": "remoteTimeout is the timeout for requests to the remote write endpoint.", + "description": "remoteTimeout is the timeout for requests to the remote write endpoint. When omitted, the default is 30s.", "type": "string" }, "url": { @@ -12692,6 +12704,30 @@ } } }, + "com.github.openshift.api.config.v1alpha1.SecretKeySelector": { + "description": "SecretKeySelector selects a key of a Secret.", + "type": "object", + "required": [ + "key" + ], + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string", + "default": "" + }, + "name": { + "description": "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string", + "default": "" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "x-kubernetes-map-type": "atomic" + }, "com.github.openshift.api.config.v1alpha1.Storage": { "description": "storage provides persistent storage configuration options for gathering jobs. If the type is set to PersistentVolume, then the PersistentVolume must be defined. If the type is set to Ephemeral, then the PersistentVolume must not be defined.", "type": "object", @@ -12716,22 +12752,22 @@ "properties": { "ca": { "description": "ca is the CA certificate to use for TLS connections.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeySelector" }, "cert": { "description": "cert is the client certificate to use for TLS connections.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeySelector" }, "insecureSkipVerify": { - "description": "insecureSkipVerify determines whether to skip TLS certificate verification.", + "description": "verificationPolicy determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", "type": "string" }, "key": { "description": "key is the client key to use for TLS connections.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeySelector" }, "serverName": { - "description": "serverName is the server name to use for TLS connections.", + "description": "serverName is the server name to use for TLS connections. If specified, must be a valid DNS subdomain as per RFC 1123.", "type": "string" } } @@ -12772,7 +12808,7 @@ "type": "string" }, "enforcedBodySizeLimit": { - "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as `64MB`), or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. Minimum length for this list is 1 Maximum length for this list is 50.", + "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", "type": "string" }, "externalLabels": { @@ -12793,11 +12829,11 @@ } }, "queryLogFile": { - "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.", + "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", "type": "string" }, "remoteWrite": { - "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. remoteWrite supports a maximum of 10 items in the list.", + "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", "type": "array", "items": { "default": {}, diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index abfe382f0ff..e527fec32e2 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index c75d35066bc..68302fb891d 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index baacd020e9f..4fdbef2a285 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1290,10 +1290,28 @@ spec: type: object prometheusK8sConfig: description: |- - prometheusK8sConfig provides configuration options for the Prometheus instance - Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. - prometheusK8sConfig is optional. - When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. + By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform. + + This field allows you to customize how Prometheus is deployed and operated, including: + - Deployment settings (such as replica count and update strategy) + - Pod scheduling (node selectors, tolerations, affinity) + - Resource allocation (CPU, memory, and storage requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write/read, alerting, and scraping configuration) + + Configuring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as: + - Ensuring high availability and reliability of monitoring data + - Managing resource usage to fit your infrastructure + - Controlling how long metrics are retained for compliance or troubleshooting + - Integrating with external systems for alerting or long-term storage + - Adjusting scraping and relabeling to match your workloads and security requirements + + For more information on Prometheus configuration, see: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/ + https://prometheus.io/docs/prometheus/latest/storage/ + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. minProperties: 1 properties: additionalAlertmanagerConfigs: @@ -1394,8 +1412,6 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,16 +1435,17 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: - description: insecureSkipVerify determines whether to - skip TLS certificate verification. + default: Verify + description: |- + verificationPolicy determines the policy for TLS certificate verification. + Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). + By default, certificate verification is performed ("Verify"). enum: - - true - - false + - Verify + - InsecureSkipVerify type: string key: description: key is the client key to use for TLS connections. @@ -1450,14 +1467,15 @@ spec: description: Specify whether the Secret or its key must be defined type: boolean - required: - - key type: object x-kubernetes-map-type: atomic serverName: - description: serverName is the server name to use for - TLS connections. + description: |- + serverName is the server name to use for TLS connections. + If specified, must be a valid DNS subdomain as per RFC 1123. maxLength: 253 + minLength: 1 + pattern: ^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$ type: string type: object required: @@ -1479,8 +1497,8 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`. enum: - - full - - minimal + - Full + - Minimal type: string enforcedBodySizeLimit: description: |- @@ -1488,14 +1506,16 @@ spec: target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, - a numeric value in Prometheus size format (such as `64MB`), or - the string `automatic`, which indicates that the limit will be + a numeric value in Prometheus size format (such as "4MB", "1000", "1GB", "512KB", "100B") + or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. + The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50. maxLength: 50 minLength: 1 + pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ type: string externalLabels: description: |- @@ -1574,13 +1594,16 @@ spec: writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. + The value must be a valid filename. maxLength: 255 minLength: 1 + pattern: ^[a-zA-Z0-9_\-\./]+$ type: string remoteWrite: description: |- - remoteWrite defines the remote write configuration, including URL, authentication, - and relabeling settings. + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. + For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list. items: description: RemoteWriteSpec represents configuration for remote @@ -1589,15 +1612,21 @@ spec: name: description: name is the name of the remote write configuration. maxLength: 63 + pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9_.]*[a-zA-Z0-9])?$ type: string remoteTimeout: - description: remoteTimeout is the timeout for requests to - the remote write endpoint. + description: |- + remoteTimeout is the timeout for requests to the remote write endpoint. + When omitted, the default is 30s. maxLength: 20 + minLength: 2 + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string url: description: url is the URL of the remote write endpoint. maxLength: 2048 + minLength: 1 + pattern: ^https?://[^\s]+$ type: string writeRelabelConfigs: description: writeRelabelConfigs is a list of relabeling @@ -1615,8 +1644,9 @@ spec: maxLength: 1000 type: string replacement: - description: replacement is the replacement value - for the target label. + description: |- + replacement is the value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. maxLength: 255 type: string separator: @@ -1625,8 +1655,12 @@ spec: maxLength: 10 type: string sourceLabels: - description: sourceLabels is a list of source label - names. + description: |- + sourceLabels specifies which labels to extract from each series for this relabeling rule. + If a label does not exist, an empty string ("") is used in its place. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression for + the replace, keep, or drop actions. items: maxLength: 63 type: string @@ -1739,6 +1773,7 @@ spec: The default value is `15d`. maxLength: 20 minLength: 1 + pattern: ^[0-9]+(ms|s|m|h|d|w|y)$ type: string retentionSize: description: |- @@ -1747,6 +1782,7 @@ spec: When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume. maxLength: 20 + pattern: ^[0-9]+(Ei|Pi|Ti|Gi|Mi|Ki|E|P|T|G|M|K)?$ type: string tolerations: description: |- From 9ffe6c7908cb1f0b3a97566ffc4665d66896146d Mon Sep 17 00:00:00 2001 From: Mario Fernandez Date: Mon, 22 Sep 2025 13:02:34 +0200 Subject: [PATCH 4/5] fix lint Signed-off-by: Mario Fernandez --- config/v1alpha1/types_cluster_monitoring.go | 71 +-- ...clustermonitoring-CustomNoUpgrade.crd.yaml | 76 +++- ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 76 +++- ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 76 +++- config/v1alpha1/zz_generated.deepcopy.go | 141 +++--- .../ClusterMonitoringConfig.yaml | 76 +++- .../zz_generated.swagger_doc_generated.go | 36 +- .../generated_openapi/zz_generated.openapi.go | 417 +++++++++--------- openapi/openapi.json | 245 +++++----- ...clustermonitoring-CustomNoUpgrade.crd.yaml | 76 +++- ...termonitoring-DevPreviewNoUpgrade.crd.yaml | 76 +++- ...ermonitoring-TechPreviewNoUpgrade.crd.yaml | 76 +++- 12 files changed, 878 insertions(+), 564 deletions(-) diff --git a/config/v1alpha1/types_cluster_monitoring.go b/config/v1alpha1/types_cluster_monitoring.go index 38abef5335e..a2d9c277865 100644 --- a/config/v1alpha1/types_cluster_monitoring.go +++ b/config/v1alpha1/types_cluster_monitoring.go @@ -112,7 +112,7 @@ type ClusterMonitoringSpec struct { // // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. // +optional - PrometheusK8sConfig prometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"` + PrometheusK8sConfig PrometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -440,16 +440,17 @@ type MetricsServerConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } -// prometheusK8sConfig provides configuration options for the Prometheus instance +// PrometheusK8sConfig provides configuration options for the Prometheus instance // Use this configuration to control // Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. // +kubebuilder:validation:MinProperties=1 -type prometheusK8sConfig struct { +type PrometheusK8sConfig struct { // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from // the Prometheus component. By default, no additional Alertmanager instances are configured. // +optional // +kubebuilder:validation:MaxItems=10 // +listType=map + // +listMapKey=apiVersion AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` // enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped // target's body response is larger than the limit, the scrape will fail. @@ -466,7 +467,7 @@ type prometheusK8sConfig struct { // +kubebuilder:validation:MaxLength=50 // +kubebuilder:validation:Pattern=`^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$` // +optional - EnforcedBodySizeLimit *string `json:"enforcedBodySizeLimit,omitempty"` + EnforcedBodySizeLimit string `json:"enforcedBodySizeLimit,omitempty"` // externalLabels defines labels to be added to any time series or alerts when // communicating with external systems such as federation, remote storage, // and Alertmanager. By default, no labels are added. @@ -508,13 +509,14 @@ type prometheusK8sConfig struct { // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=255 // +kubebuilder:validation:Pattern=`^[a-zA-Z0-9_\-\./]+$` - QueryLogFile *string `json:"queryLogFile,omitempty"` + QueryLogFile string `json:"queryLogFile,omitempty"` // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. // The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. // For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write // remoteWrite supports a maximum of 10 items in the list. // +kubebuilder:validation:MaxItems=10 // +listType=map + // +listMapKey=url // +optional RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` // resources defines the compute resource requests and limits for the Prometheus container. @@ -550,7 +552,7 @@ type prometheusK8sConfig struct { // +kubebuilder:validation:MaxLength=20 // +kubebuilder:validation:Pattern=`^[0-9]+(ms|s|m|h|d|w|y)$` // +optional - Retention *string `json:"retention,omitempty"` + Retention string `json:"retention,omitempty"` // retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). // Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -619,15 +621,18 @@ const ( // SecretKeyReference represents a reference to a secret key. type SecretKeyReference struct { - // The name of the secret in the pod's namespace to select from. + // name of the secret in the pod's namespace to select from. // +required - Name string `json:"name"` - // The key of the secret to select from. Must be a valid secret key. + // +kubebuilder:validation:MaxLength=253 + Name *string `json:"name,omitempty"` + // key of the secret to select from. Must be a valid secret key. // +required - Key string `json:"key"` - // Specify whether the Secret or its key must be defined + // +kubebuilder:validation:MaxLength=253 + Key *string `json:"key,omitempty"` + // optional specifies whether the Secret or its key must be defined // +optional - Optional *bool `json:"optional,omitempty"` + // +kubebuilder:validation:Enum=true;false + Optional string `json:"optional,omitempty"` } type AlertmanagerScheme string @@ -650,12 +655,12 @@ type AdditionalAlertmanagerConfig struct { // to use when authenticating to Alertmanager. // This is a custom type to allow for admission time validations. // +optional - BearerToken *SecretKeyReference `json:"bearerToken,omitempty"` + BearerToken SecretKeyReference `json:"bearerToken,omitempty,omitzero"` // pathPrefix defines the path prefix to add in front of the push endpoint path. // +kubebuilder:validation:MaxLength=255 // +kubebuilder:validation:MinLength=1 // +optional - PathPrefix *string `json:"pathPrefix,omitempty"` + PathPrefix string `json:"pathPrefix,omitempty"` // scheme defines the URL scheme to use when communicating with Alertmanager // instances. // Possible values are `http` or `https`. The default value is `http`. @@ -674,8 +679,9 @@ type AdditionalAlertmanagerConfig struct { // The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). // +kubebuilder:validation:Pattern=`^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$` // +kubebuilder:validation:MinLength=2 + // +kubebuilder:validation:MaxLength=20 // +optional - Timeout *string `json:"timeout,omitempty"` + Timeout string `json:"timeout,omitempty"` // tlsConfig defines the TLS settings to use for Alertmanager connections. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional @@ -688,12 +694,12 @@ type Label struct { // +required // +kubebuilder:validation:MaxLength=63 // +kubebuilder:validation:MinLength=1 - Key string `json:"key"` + Key string `json:"key,omitempty"` // value is the value of the label. // +required // +kubebuilder:validation:MaxLength=63 // +kubebuilder:validation:MinLength=1 - Value string `json:"value"` + Value string `json:"value,omitempty"` } // ExternalLabels represents labels to be added to time series and alerts. @@ -714,7 +720,7 @@ type RemoteWriteSpec struct { // +kubebuilder:validation:MaxLength=2048 // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:Pattern=`^https?://[^\s]+$` - URL *string `json:"url,omitempty"` + URL string `json:"url,omitempty"` // name is the name of the remote write configuration. // +optional // +kubebuilder:validation:MaxLength=63 @@ -726,7 +732,7 @@ type RemoteWriteSpec struct { // +kubebuilder:validation:MaxLength=20 // +kubebuilder:validation:Pattern=`^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$` // +kubebuilder:validation:MinLength=2 - RemoteTimeout *string `json:"remoteTimeout,omitempty"` + RemoteTimeout string `json:"remoteTimeout,omitempty"` // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. // +optional // +kubebuilder:validation:MaxItems=10 @@ -773,21 +779,21 @@ type RelabelConfig struct { type TLSConfig struct { // ca is the CA certificate to use for TLS connections. // +optional - CA *SecretKeySelector `json:"ca,omitempty"` + CA SecretKeySelector `json:"ca,omitempty,omitzero"` // cert is the client certificate to use for TLS connections. // +optional - Cert *SecretKeySelector `json:"cert,omitempty"` + Cert SecretKeySelector `json:"cert,omitempty,omitzero"` // key is the client key to use for TLS connections. // +optional - Key *SecretKeySelector `json:"key,omitempty"` + Key SecretKeySelector `json:"key,omitempty,omitzero"` // serverName is the server name to use for TLS connections. // If specified, must be a valid DNS subdomain as per RFC 1123. // +optional // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9][-a-zA-Z0-9]*\.)*[a-zA-Z0-9][-a-zA-Z0-9]*$` - ServerName *string `json:"serverName,omitempty"` - // verificationPolicy determines the policy for TLS certificate verification. + ServerName string `json:"serverName,omitempty"` + // insecureSkipVerify determines the policy for TLS certificate verification. // Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). // By default, certificate verification is performed ("Verify"). // +optional @@ -811,7 +817,7 @@ type TLSConfig struct { // For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . // +structType=atomic type LocalObjectReference struct { - // Name of the referent. + // name of the referent. // This field is effectively required, but due to backwards compatibility is // allowed to be empty. Instances of this type with an empty value here are // almost certainly wrong. @@ -819,8 +825,9 @@ type LocalObjectReference struct { // +optional // +default="" // +kubebuilder:default="" + // +kubebuilder:validation:MaxLength=253 // TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` + Name *string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` } // SecretKeySelector selects a key of a Secret. @@ -828,11 +835,15 @@ type LocalObjectReference struct { type SecretKeySelector struct { // The name of the secret in the pod's namespace to select from. LocalObjectReference `json:",inline" protobuf:"bytes,1,opt,name=localObjectReference"` - // The key of the secret to select from. Must be a valid secret key. - Key string `json:"key" protobuf:"bytes,2,opt,name=key"` - // Specify whether the Secret or its key must be defined + // key of the secret to select from. Must be a valid secret key. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Key string `json:"key,omitempty" protobuf:"bytes,2,opt,name=key"` + // optional specifies whether the Secret or its key must be defined // +optional - Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` + // +kubebuilder:validation:Enum=true;false + Optional string `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"` } // CollectionProfile defines the metrics collection profile for Prometheus. diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index e527fec32e2..979a4692b3e 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index 68302fb891d..ca67f0c12bc 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- diff --git a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index 4fdbef2a285..8ee71e0c86b 100644 --- a/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index e69f4f651fe..ce190c6c3e0 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -14,26 +14,12 @@ import ( // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { *out = *in - if in.BearerToken != nil { - in, out := &in.BearerToken, &out.BearerToken - *out = new(SecretKeyReference) - (*in).DeepCopyInto(*out) - } - if in.PathPrefix != nil { - in, out := &in.PathPrefix, &out.PathPrefix - *out = new(string) - **out = **in - } + in.BearerToken.DeepCopyInto(&out.BearerToken) if in.StaticConfigs != nil { in, out := &in.StaticConfigs, &out.StaticConfigs *out = make([]string, len(*in)) copy(*out, *in) } - if in.Timeout != nil { - in, out := &in.Timeout, &out.Timeout - *out = new(string) - **out = **in - } if in.TLSConfig != nil { in, out := &in.TLSConfig, &out.TLSConfig *out = new(TLSConfig) @@ -764,6 +750,11 @@ func (in *Label) DeepCopy() *Label { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LocalObjectReference) DeepCopyInto(out *LocalObjectReference) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } return } @@ -1021,6 +1012,75 @@ func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusK8sConfig) DeepCopyInto(out *PrometheusK8sConfig) { + *out = *in + if in.AdditionalAlertmanagerConfigs != nil { + in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs + *out = make([]AdditionalAlertmanagerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.ExternalLabels.DeepCopyInto(&out.ExternalLabels) + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.RemoteWrite != nil { + in, out := &in.RemoteWrite, &out.RemoteWrite + *out = make([]RemoteWriteSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RetentionSize != nil { + in, out := &in.RetentionSize, &out.RetentionSize + *out = new(string) + **out = **in + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.VolumeClaimTemplate != nil { + in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate + *out = new(v1.PersistentVolumeClaim) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusK8sConfig. +func (in *PrometheusK8sConfig) DeepCopy() *PrometheusK8sConfig { + if in == nil { + return nil + } + out := new(PrometheusK8sConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PublicKey) DeepCopyInto(out *PublicKey) { *out = *in @@ -1096,21 +1156,11 @@ func (in *RelabelConfig) DeepCopy() *RelabelConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { *out = *in - if in.URL != nil { - in, out := &in.URL, &out.URL - *out = new(string) - **out = **in - } if in.Name != nil { in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.RemoteTimeout != nil { - in, out := &in.RemoteTimeout, &out.RemoteTimeout - *out = new(string) - **out = **in - } if in.WriteRelabelConfigs != nil { in, out := &in.WriteRelabelConfigs, &out.WriteRelabelConfigs *out = make([]RelabelConfig, len(*in)) @@ -1192,9 +1242,14 @@ func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretKeyReference) DeepCopyInto(out *SecretKeyReference) { *out = *in - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(string) **out = **in } return @@ -1213,12 +1268,7 @@ func (in *SecretKeyReference) DeepCopy() *SecretKeyReference { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } + in.LocalObjectReference.DeepCopyInto(&out.LocalObjectReference) return } @@ -1256,26 +1306,9 @@ func (in *Storage) DeepCopy() *Storage { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { *out = *in - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = new(SecretKeySelector) - (*in).DeepCopyInto(*out) - } - if in.Cert != nil { - in, out := &in.Cert, &out.Cert - *out = new(SecretKeySelector) - (*in).DeepCopyInto(*out) - } - if in.Key != nil { - in, out := &in.Key, &out.Key - *out = new(SecretKeySelector) - (*in).DeepCopyInto(*out) - } - if in.ServerName != nil { - in, out := &in.ServerName, &out.ServerName - *out = new(string) - **out = **in - } + in.CA.DeepCopyInto(&out.CA) + in.Cert.DeepCopyInto(&out.Cert) + in.Key.DeepCopyInto(&out.Key) return } diff --git a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml index 8589a75a922..bc32455e817 100644 --- a/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml +++ b/config/v1alpha1/zz_generated.featuregated-crd-manifests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- diff --git a/config/v1alpha1/zz_generated.swagger_doc_generated.go b/config/v1alpha1/zz_generated.swagger_doc_generated.go index 0b38a5b93fa..879c9dd79fc 100644 --- a/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -240,7 +240,7 @@ func (Label) SwaggerDoc() map[string]string { var map_LocalObjectReference = map[string]string{ "": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", - "name": "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "name": "name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", } func (LocalObjectReference) SwaggerDoc() map[string]string { @@ -261,6 +261,28 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } +var map_PrometheusK8sConfig = map[string]string{ + "": "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + "enforcedBodySizeLimit": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", + "externalLabels": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + "logLevel": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", + "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", + "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + "retention": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", + "retentionSize": "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", + "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", +} + +func (PrometheusK8sConfig) SwaggerDoc() map[string]string { + return map_PrometheusK8sConfig +} + var map_RelabelConfig = map[string]string{ "": "RelabelConfig represents a relabeling rule.", "sourceLabels": "sourceLabels specifies which labels to extract from each series for this relabeling rule. If a label does not exist, an empty string (\"\") is used in its place. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression for the replace, keep, or drop actions.", @@ -289,9 +311,9 @@ func (RemoteWriteSpec) SwaggerDoc() map[string]string { var map_SecretKeyReference = map[string]string{ "": "SecretKeyReference represents a reference to a secret key.", - "name": "The name of the secret in the pod's namespace to select from.", - "key": "The key of the secret to select from. Must be a valid secret key.", - "optional": "Specify whether the Secret or its key must be defined", + "name": "name of the secret in the pod's namespace to select from.", + "key": "key of the secret to select from. Must be a valid secret key.", + "optional": "optional specifies whether the Secret or its key must be defined", } func (SecretKeyReference) SwaggerDoc() map[string]string { @@ -300,8 +322,8 @@ func (SecretKeyReference) SwaggerDoc() map[string]string { var map_SecretKeySelector = map[string]string{ "": "SecretKeySelector selects a key of a Secret.", - "key": "The key of the secret to select from. Must be a valid secret key.", - "optional": "Specify whether the Secret or its key must be defined", + "key": "key of the secret to select from. Must be a valid secret key.", + "optional": "optional specifies whether the Secret or its key must be defined", } func (SecretKeySelector) SwaggerDoc() map[string]string { @@ -314,7 +336,7 @@ var map_TLSConfig = map[string]string{ "cert": "cert is the client certificate to use for TLS connections.", "key": "key is the client key to use for TLS connections.", "serverName": "serverName is the server name to use for TLS connections. If specified, must be a valid DNS subdomain as per RFC 1123.", - "insecureSkipVerify": "verificationPolicy determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", + "insecureSkipVerify": "insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", } func (TLSConfig) SwaggerDoc() map[string]string { diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 65e01cfe9f9..2b737801a95 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -464,6 +464,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.PolicyMatchExactRepository": schema_openshift_api_config_v1alpha1_PolicyMatchExactRepository(ref), "github.com/openshift/api/config/v1alpha1.PolicyMatchRemapIdentity": schema_openshift_api_config_v1alpha1_PolicyMatchRemapIdentity(ref), "github.com/openshift/api/config/v1alpha1.PolicyRootOfTrust": schema_openshift_api_config_v1alpha1_PolicyRootOfTrust(ref), + "github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig": schema_openshift_api_config_v1alpha1_PrometheusK8sConfig(ref), "github.com/openshift/api/config/v1alpha1.PublicKey": schema_openshift_api_config_v1alpha1_PublicKey(ref), "github.com/openshift/api/config/v1alpha1.RelabelConfig": schema_openshift_api_config_v1alpha1_RelabelConfig(ref), "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec": schema_openshift_api_config_v1alpha1_RemoteWriteSpec(ref), @@ -475,7 +476,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/config/v1alpha1.Storage": schema_openshift_api_config_v1alpha1_Storage(ref), "github.com/openshift/api/config/v1alpha1.TLSConfig": schema_openshift_api_config_v1alpha1_TLSConfig(ref), "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring": schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref), - "github.com/openshift/api/config/v1alpha1.prometheusK8sConfig": schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref), "github.com/openshift/api/config/v1alpha2.Custom": schema_openshift_api_config_v1alpha2_Custom(ref), "github.com/openshift/api/config/v1alpha2.GatherConfig": schema_openshift_api_config_v1alpha2_GatherConfig(ref), "github.com/openshift/api/config/v1alpha2.GathererConfig": schema_openshift_api_config_v1alpha2_GathererConfig(ref), @@ -21215,6 +21215,7 @@ func schema_openshift_api_config_v1alpha1_AdditionalAlertmanagerConfig(ref commo "bearerToken": { SchemaProps: spec.SchemaProps{ Description: "bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. This is a custom type to allow for admission time validations.", + Default: map[string]interface{}{}, Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeyReference"), }, }, @@ -21892,7 +21893,7 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer SchemaProps: spec.SchemaProps{ Description: "prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform.\n\nThis field allows you to customize how Prometheus is deployed and operated, including:\n - Deployment settings (such as replica count and update strategy)\n - Pod scheduling (node selectors, tolerations, affinity)\n - Resource allocation (CPU, memory, and storage requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write/read, alerting, and scraping configuration)\n\nConfiguring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as:\n - Ensuring high availability and reliability of monitoring data\n - Managing resource usage to fit your infrastructure\n - Controlling how long metrics are retained for compliance or troubleshooting\n - Integrating with external systems for alerting or long-term storage\n - Adjusting scraping and relabeling to match your workloads and security requirements\n\nFor more information on Prometheus configuration, see:\n https://prometheus.io/docs/prometheus/latest/configuration/configuration/\n https://prometheus.io/docs/prometheus/latest/storage/\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.prometheusK8sConfig"), + Ref: ref("github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig"), }, }, "metricsServerConfig": { @@ -21906,7 +21907,7 @@ func schema_openshift_api_config_v1alpha1_ClusterMonitoringSpec(ref common.Refer }, }, Dependencies: []string{ - "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.MetricsServerConfig", "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring", "github.com/openshift/api/config/v1alpha1.prometheusK8sConfig"}, + "github.com/openshift/api/config/v1alpha1.AlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.MetricsServerConfig", "github.com/openshift/api/config/v1alpha1.PrometheusK8sConfig", "github.com/openshift/api/config/v1alpha1.UserDefinedMonitoring"}, } } @@ -22442,7 +22443,6 @@ func schema_openshift_api_config_v1alpha1_Label(ref common.ReferenceCallback) co "key": { SchemaProps: spec.SchemaProps{ Description: "key is the name of the label.", - Default: "", Type: []string{"string"}, Format: "", }, @@ -22450,7 +22450,6 @@ func schema_openshift_api_config_v1alpha1_Label(ref common.ReferenceCallback) co "value": { SchemaProps: spec.SchemaProps{ Description: "value is the value of the label.", - Default: "", Type: []string{"string"}, Format: "", }, @@ -22471,7 +22470,7 @@ func schema_openshift_api_config_v1alpha1_LocalObjectReference(ref common.Refere Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", Default: "", Type: []string{"string"}, Format: "", @@ -22928,6 +22927,200 @@ func schema_openshift_api_config_v1alpha1_PolicyRootOfTrust(ref common.Reference } } +func schema_openshift_api_config_v1alpha1_PrometheusK8sConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "additionalAlertmanagerConfigs": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "apiVersion", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig"), + }, + }, + }, + }, + }, + "enforcedBodySizeLimit": { + SchemaProps: spec.SchemaProps{ + Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", + Type: []string{"string"}, + Format: "", + }, + }, + "externalLabels": { + SchemaProps: spec.SchemaProps{ + Description: "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.ExternalLabels"), + }, + }, + "logLevel": { + SchemaProps: spec.SchemaProps{ + Description: "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + Type: []string{"string"}, + Format: "", + }, + }, + "nodeSelector": { + SchemaProps: spec.SchemaProps{ + Description: "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "queryLogFile": { + SchemaProps: spec.SchemaProps{ + Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", + Type: []string{"string"}, + Format: "", + }, + }, + "remoteWrite": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "url", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.RemoteWriteSpec"), + }, + }, + }, + }, + }, + "resources": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "name", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/config/v1alpha1.ContainerResource"), + }, + }, + }, + }, + }, + "retention": { + SchemaProps: spec.SchemaProps{ + Description: "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", + Type: []string{"string"}, + Format: "", + }, + }, + "retentionSize": { + SchemaProps: spec.SchemaProps{ + Description: "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", + Type: []string{"string"}, + Format: "", + }, + }, + "tolerations": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.Toleration"), + }, + }, + }, + }, + }, + "topologySpreadConstraints": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "topologyKey", + "whenUnsatisfiable", + }, + "x-kubernetes-list-type": "map", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), + }, + }, + }, + }, + }, + "collectionProfile": { + SchemaProps: spec.SchemaProps{ + Description: "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", + Type: []string{"string"}, + Format: "", + }, + }, + "volumeClaimTemplate": { + SchemaProps: spec.SchemaProps{ + Description: "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", + Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.ContainerResource", "github.com/openshift/api/config/v1alpha1.ExternalLabels", "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec", "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint"}, + } +} + func schema_openshift_api_config_v1alpha1_PublicKey(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -23183,24 +23376,22 @@ func schema_openshift_api_config_v1alpha1_SecretKeyReference(ref common.Referenc Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "The name of the secret in the pod's namespace to select from.", - Default: "", + Description: "name of the secret in the pod's namespace to select from.", Type: []string{"string"}, Format: "", }, }, "key": { SchemaProps: spec.SchemaProps{ - Description: "The key of the secret to select from. Must be a valid secret key.", - Default: "", + Description: "key of the secret to select from. Must be a valid secret key.", Type: []string{"string"}, Format: "", }, }, "optional": { SchemaProps: spec.SchemaProps{ - Description: "Specify whether the Secret or its key must be defined", - Type: []string{"boolean"}, + Description: "optional specifies whether the Secret or its key must be defined", + Type: []string{"string"}, Format: "", }, }, @@ -23220,7 +23411,7 @@ func schema_openshift_api_config_v1alpha1_SecretKeySelector(ref common.Reference Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + Description: "name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", Default: "", Type: []string{"string"}, Format: "", @@ -23228,16 +23419,15 @@ func schema_openshift_api_config_v1alpha1_SecretKeySelector(ref common.Reference }, "key": { SchemaProps: spec.SchemaProps{ - Description: "The key of the secret to select from. Must be a valid secret key.", - Default: "", + Description: "key of the secret to select from. Must be a valid secret key.", Type: []string{"string"}, Format: "", }, }, "optional": { SchemaProps: spec.SchemaProps{ - Description: "Specify whether the Secret or its key must be defined", - Type: []string{"boolean"}, + Description: "optional specifies whether the Secret or its key must be defined", + Type: []string{"string"}, Format: "", }, }, @@ -23293,18 +23483,21 @@ func schema_openshift_api_config_v1alpha1_TLSConfig(ref common.ReferenceCallback "ca": { SchemaProps: spec.SchemaProps{ Description: "ca is the CA certificate to use for TLS connections.", + Default: map[string]interface{}{}, Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeySelector"), }, }, "cert": { SchemaProps: spec.SchemaProps{ Description: "cert is the client certificate to use for TLS connections.", + Default: map[string]interface{}{}, Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeySelector"), }, }, "key": { SchemaProps: spec.SchemaProps{ Description: "key is the client key to use for TLS connections.", + Default: map[string]interface{}{}, Ref: ref("github.com/openshift/api/config/v1alpha1.SecretKeySelector"), }, }, @@ -23317,7 +23510,7 @@ func schema_openshift_api_config_v1alpha1_TLSConfig(ref common.ReferenceCallback }, "insecureSkipVerify": { SchemaProps: spec.SchemaProps{ - Description: "verificationPolicy determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", + Description: "insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", Type: []string{"string"}, Format: "", }, @@ -23353,194 +23546,6 @@ func schema_openshift_api_config_v1alpha1_UserDefinedMonitoring(ref common.Refer } } -func schema_openshift_api_config_v1alpha1_prometheusK8sConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "prometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "additionalAlertmanagerConfigs": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "map", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig"), - }, - }, - }, - }, - }, - "enforcedBodySizeLimit": { - SchemaProps: spec.SchemaProps{ - Description: "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", - Type: []string{"string"}, - Format: "", - }, - }, - "externalLabels": { - SchemaProps: spec.SchemaProps{ - Description: "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.ExternalLabels"), - }, - }, - "logLevel": { - SchemaProps: spec.SchemaProps{ - Description: "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - Type: []string{"string"}, - Format: "", - }, - }, - "nodeSelector": { - SchemaProps: spec.SchemaProps{ - Description: "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "queryLogFile": { - SchemaProps: spec.SchemaProps{ - Description: "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", - Type: []string{"string"}, - Format: "", - }, - }, - "remoteWrite": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "map", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.RemoteWriteSpec"), - }, - }, - }, - }, - }, - "resources": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "name", - }, - "x-kubernetes-list-type": "map", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/openshift/api/config/v1alpha1.ContainerResource"), - }, - }, - }, - }, - }, - "retention": { - SchemaProps: spec.SchemaProps{ - Description: "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", - Type: []string{"string"}, - Format: "", - }, - }, - "retentionSize": { - SchemaProps: spec.SchemaProps{ - Description: "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", - Type: []string{"string"}, - Format: "", - }, - }, - "tolerations": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.Toleration"), - }, - }, - }, - }, - }, - "topologySpreadConstraints": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "topologyKey", - "whenUnsatisfiable", - }, - "x-kubernetes-list-type": "map", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.TopologySpreadConstraint"), - }, - }, - }, - }, - }, - "collectionProfile": { - SchemaProps: spec.SchemaProps{ - Description: "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", - Type: []string{"string"}, - Format: "", - }, - }, - "volumeClaimTemplate": { - SchemaProps: spec.SchemaProps{ - Description: "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", - Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaim"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/openshift/api/config/v1alpha1.AdditionalAlertmanagerConfig", "github.com/openshift/api/config/v1alpha1.ContainerResource", "github.com/openshift/api/config/v1alpha1.ExternalLabels", "github.com/openshift/api/config/v1alpha1.RemoteWriteSpec", "k8s.io/api/core/v1.PersistentVolumeClaim", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint"}, - } -} - func schema_openshift_api_config_v1alpha2_Custom(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/openapi/openapi.json b/openapi/openapi.json index 543847489ed..efb3ee24a24 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -11544,6 +11544,7 @@ }, "bearerToken": { "description": "bearerToken defines the secret reference containing the bearer token to use when authenticating to Alertmanager. This is a custom type to allow for admission time validations.", + "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeyReference" }, "pathPrefix": { @@ -11926,7 +11927,7 @@ "prometheusK8sConfig": { "description": "prometheusK8sConfig provides configuration options for the Prometheus instance, which is the pod running Prometheus in the cluster. By default, at least one Prometheus pod is deployed in the `openshift-monitoring` namespace to collect and store metrics for the platform.\n\nThis field allows you to customize how Prometheus is deployed and operated, including:\n - Deployment settings (such as replica count and update strategy)\n - Pod scheduling (node selectors, tolerations, affinity)\n - Resource allocation (CPU, memory, and storage requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write/read, alerting, and scraping configuration)\n\nConfiguring Prometheus is important because it enables you to tailor monitoring to your cluster's needs, such as:\n - Ensuring high availability and reliability of monitoring data\n - Managing resource usage to fit your infrastructure\n - Controlling how long metrics are retained for compliance or troubleshooting\n - Integrating with external systems for alerting or long-term storage\n - Adjusting scraping and relabeling to match your workloads and security requirements\n\nFor more information on Prometheus configuration, see:\n https://prometheus.io/docs/prometheus/latest/configuration/configuration/\n https://prometheus.io/docs/prometheus/latest/storage/\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.prometheusK8sConfig" + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.PrometheusK8sConfig" }, "userDefined": { "description": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", @@ -12243,13 +12244,11 @@ "properties": { "key": { "description": "key is the name of the label.", - "type": "string", - "default": "" + "type": "string" }, "value": { "description": "value is the value of the label.", - "type": "string", - "default": "" + "type": "string" } } }, @@ -12258,7 +12257,7 @@ "type": "object", "properties": { "name": { - "description": "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "description": "name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string", "default": "" } @@ -12531,6 +12530,111 @@ } ] }, + "com.github.openshift.api.config.v1alpha1.PrometheusK8sConfig": { + "description": "PrometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "type": "object", + "properties": { + "additionalAlertmanagerConfigs": { + "description": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig" + }, + "x-kubernetes-list-map-keys": [ + "apiVersion" + ], + "x-kubernetes-list-type": "map" + }, + "collectionProfile": { + "description": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", + "type": "string" + }, + "enforcedBodySizeLimit": { + "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", + "type": "string" + }, + "externalLabels": { + "description": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ExternalLabels" + }, + "logLevel": { + "description": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "type": "string" + }, + "nodeSelector": { + "description": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, + "queryLogFile": { + "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", + "type": "string" + }, + "remoteWrite": { + "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.RemoteWriteSpec" + }, + "x-kubernetes-list-map-keys": [ + "url" + ], + "x-kubernetes-list-type": "map" + }, + "resources": { + "description": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ContainerResource" + }, + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "retention": { + "description": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", + "type": "string" + }, + "retentionSize": { + "description": "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", + "type": "string" + }, + "tolerations": { + "description": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" + }, + "x-kubernetes-list-type": "atomic" + }, + "topologySpreadConstraints": { + "description": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/io.k8s.api.core.v1.TopologySpreadConstraint" + }, + "x-kubernetes-list-map-keys": [ + "topologyKey", + "whenUnsatisfiable" + ], + "x-kubernetes-list-type": "map" + }, + "volumeClaimTemplate": { + "description": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + } + }, "com.github.openshift.api.config.v1alpha1.PublicKey": { "description": "PublicKey defines the root of trust based on a sigstore public key.", "type": "object", @@ -12689,18 +12793,16 @@ ], "properties": { "key": { - "description": "The key of the secret to select from. Must be a valid secret key.", - "type": "string", - "default": "" + "description": "key of the secret to select from. Must be a valid secret key.", + "type": "string" }, "name": { - "description": "The name of the secret in the pod's namespace to select from.", - "type": "string", - "default": "" + "description": "name of the secret in the pod's namespace to select from.", + "type": "string" }, "optional": { - "description": "Specify whether the Secret or its key must be defined", - "type": "boolean" + "description": "optional specifies whether the Secret or its key must be defined", + "type": "string" } } }, @@ -12712,18 +12814,17 @@ ], "properties": { "key": { - "description": "The key of the secret to select from. Must be a valid secret key.", - "type": "string", - "default": "" + "description": "key of the secret to select from. Must be a valid secret key.", + "type": "string" }, "name": { - "description": "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "description": "name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string", "default": "" }, "optional": { - "description": "Specify whether the Secret or its key must be defined", - "type": "boolean" + "description": "optional specifies whether the Secret or its key must be defined", + "type": "string" } }, "x-kubernetes-map-type": "atomic" @@ -12752,18 +12853,21 @@ "properties": { "ca": { "description": "ca is the CA certificate to use for TLS connections.", + "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeySelector" }, "cert": { "description": "cert is the client certificate to use for TLS connections.", + "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeySelector" }, "insecureSkipVerify": { - "description": "verificationPolicy determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", + "description": "insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are \"Verify\" (default, secure) and \"InsecureSkipVerify\" (skip certificate verification, insecure). By default, certificate verification is performed (\"Verify\").", "type": "string" }, "key": { "description": "key is the client key to use for TLS connections.", + "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.SecretKeySelector" }, "serverName": { @@ -12790,105 +12894,6 @@ } } }, - "com.github.openshift.api.config.v1alpha1.prometheusK8sConfig": { - "description": "prometheusK8sConfig provides configuration options for the Prometheus instance Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", - "type": "object", - "properties": { - "additionalAlertmanagerConfigs": { - "description": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig" - }, - "x-kubernetes-list-type": "map" - }, - "collectionProfile": { - "description": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `full` or `minimal`. In the `full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `full`.", - "type": "string" - }, - "enforcedBodySizeLimit": { - "description": "enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as \"4MB\", \"1000\", \"1GB\", \"512KB\", \"100B\") or the string `automatic`, which indicates that the limit will be automatically calculated based on cluster capacity. To specify no limit, omit this field. The value must match the following pattern: ^(automatic|[0-9]+(B|KB|MB|GB|TB)?)$ Minimum length for this list is 1 Maximum length for this list is 50.", - "type": "string" - }, - "externalLabels": { - "description": "externalLabels defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.", - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ExternalLabels" - }, - "logLevel": { - "description": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", - "type": "string" - }, - "nodeSelector": { - "description": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - "type": "object", - "additionalProperties": { - "type": "string", - "default": "" - } - }, - "queryLogFile": { - "description": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. The value must be a valid filename.", - "type": "string" - }, - "remoteWrite": { - "description": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. The remote-write protocol is intended to allow Prometheus instances to actively send the metrics they collect/receive to other instances. For more information, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write remoteWrite supports a maximum of 10 items in the list.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.RemoteWriteSpec" - }, - "x-kubernetes-list-type": "map" - }, - "resources": { - "description": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/com.github.openshift.api.config.v1alpha1.ContainerResource" - }, - "x-kubernetes-list-map-keys": [ - "name" - ], - "x-kubernetes-list-type": "map" - }, - "retention": { - "description": "retention defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults, which are subject to change over time. The default value is `15d`.", - "type": "string" - }, - "retentionSize": { - "description": "retentionSize specifies the maximum volume of persistent storage that Prometheus uses for data blocks and the write-ahead log (WAL). Acceptable values use standard Kubernetes resource quantity formats, such as `Mi`, `Gi`, `Ti`, etc. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default is no storage size limit is enforced and Prometheus will use the available storage capacity of the PersistentVolume.", - "type": "string" - }, - "tolerations": { - "description": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" - }, - "x-kubernetes-list-type": "atomic" - }, - "topologySpreadConstraints": { - "description": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/io.k8s.api.core.v1.TopologySpreadConstraint" - }, - "x-kubernetes-list-map-keys": [ - "topologyKey", - "whenUnsatisfiable" - ], - "x-kubernetes-list-type": "map" - }, - "volumeClaimTemplate": { - "description": "volumeClaimTemplate Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts. This field is optional.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - } - }, "com.github.openshift.api.config.v1alpha2.Custom": { "description": "custom provides the custom configuration of gatherers", "type": "object", diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml index e527fec32e2..979a4692b3e 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-CustomNoUpgrade.crd.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml index 68302fb891d..ca67f0c12bc 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-DevPreviewNoUpgrade.crd.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- diff --git a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml index 4fdbef2a285..8ee71e0c86b 100644 --- a/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml +++ b/payload-manifests/crds/0000_10_config-operator_01_clustermonitoring-TechPreviewNoUpgrade.crd.yaml @@ -1338,17 +1338,22 @@ spec: This is a custom type to allow for admission time validations. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 type: string name: - description: The name of the secret in the pod's namespace + description: name of the secret in the pod's namespace to select from. + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + description: optional specifies whether the Secret or + its key must be defined + enum: + - true + - false + type: string required: - key - name @@ -1383,6 +1388,7 @@ spec: description: |- timeout defines the timeout value used when sending alerts. The value must be a valid Go time.Duration string (e.g. 30s, 5m, 1h). + maxLength: 20 minLength: 2 pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ type: string @@ -1396,22 +1402,30 @@ spec: connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic cert: @@ -1419,28 +1433,36 @@ spec: TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic insecureSkipVerify: default: Verify description: |- - verificationPolicy determines the policy for TLS certificate verification. + insecureSkipVerify determines the policy for TLS certificate verification. Allowed values are "Verify" (default, secure) and "InsecureSkipVerify" (skip certificate verification, insecure). By default, certificate verification is performed ("Verify"). enum: @@ -1451,22 +1473,30 @@ spec: description: key is the client key to use for TLS connections. properties: key: - description: The key of the secret to select from. Must + description: key of the secret to select from. Must be a valid secret key. + maxLength: 253 + minLength: 1 type: string name: default: "" description: |- - Name of the referent. + name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + maxLength: 253 type: string optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + description: optional specifies whether the Secret + or its key must be defined + enum: + - true + - false + type: string + required: + - key type: object x-kubernetes-map-type: atomic serverName: @@ -1485,6 +1515,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - apiVersion x-kubernetes-list-type: map collectionProfile: description: |- @@ -1680,6 +1712,8 @@ spec: type: object maxItems: 10 type: array + x-kubernetes-list-map-keys: + - url x-kubernetes-list-type: map resources: description: |- From 505533b8d6c6ec4cded213a06779ff3ca23655cb Mon Sep 17 00:00:00 2001 From: Mario Fernandez Date: Tue, 23 Sep 2025 10:20:46 +0200 Subject: [PATCH 5/5] fix test Signed-off-by: Mario Fernandez --- .../ClusterMonitoringConfig.yaml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml b/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml index b4d2d57469c..d8e1242ea41 100644 --- a/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml +++ b/config/v1alpha1/tests/clustermonitoring.config.openshift.io/ClusterMonitoringConfig.yaml @@ -359,7 +359,7 @@ tests: userDefined: mode: "Disabled" prometheusK8sConfig: - logLevel: "info" + logLevel: "Info" expected: | apiVersion: config.openshift.io/v1alpha1 kind: ClusterMonitoring @@ -367,7 +367,7 @@ tests: userDefined: mode: "Disabled" prometheusK8sConfig: - logLevel: "info" + logLevel: "Info" - name: Should accept PrometheusK8sConfig with valid nodeSelector initial: | apiVersion: config.openshift.io/v1alpha1 @@ -548,8 +548,10 @@ tests: prometheusK8sConfig: externalLabels: labels: - cluster: "production" - environment: "prod" + - key: "cluster" + value: "production" + - key: "environment" + value: "prod" expected: | apiVersion: config.openshift.io/v1alpha1 kind: ClusterMonitoring @@ -559,8 +561,10 @@ tests: prometheusK8sConfig: externalLabels: labels: - cluster: "production" - environment: "prod" + - key: "cluster" + value: "production" + - key: "environment" + value: "prod" - name: Should reject PrometheusK8sConfig with empty object initial: | apiVersion: config.openshift.io/v1alpha1