mirrors/prometheus-operator
mirrors/prometheus-operator
1
0
Fork 0
mirror of https://github.com/prometheus-operator/prometheus-operator.git synced 2025-04-15 16:56:24 +00:00
Code Activity

Add ability for custom DNSConfig and DNSPolicy (#3899)

Browse source 
---------

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>
Co-authored-by: Simon Pasquier <spasquie@redhat.com>
This commit is contained in:
Stavros Foteinopoulos 2024-10-08 18:00:40 +03:00 committed by GitHub
parent 8068e59f95
commit d723855170
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
39 changed files with 2047 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

359
Documentation/api.md generated
View file

@ -470,6 +470,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>serviceAccountName</code><br/>
<em>
string
@ -2165,6 +2193,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>listenLocal</code><br/>
<em>
bool
@ -3797,6 +3853,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>priorityClassName</code><br/>
<em>
string
@ -5335,6 +5419,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>serviceAccountName</code><br/>
<em>
string
@ -6930,6 +7042,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>listenLocal</code><br/>
<em>
bool
@ -7958,6 +8098,14 @@ be ignored. A null or empty list means only match against labelSelector.</p>
</tr>
</tbody>
</table>
<h3 id="monitoring.coreos.com/v1.DNSPolicy">DNSPolicy
(<code>string</code> alias)</h3>
<p>
(<em>Appears on:</em><a href="#monitoring.coreos.com/v1.AlertmanagerSpec">AlertmanagerSpec</a>, <a href="#monitoring.coreos.com/v1.CommonPrometheusFields">CommonPrometheusFields</a>, <a href="#monitoring.coreos.com/v1.ThanosRulerSpec">ThanosRulerSpec</a>)
</p>
<div>
<p>DNSPolicy specifies the DNS policy for the pod.</p>
</div>
<h3 id="monitoring.coreos.com/v1.Duration">Duration
(<code>string</code> alias)</h3>
<p>
@ -9417,6 +9565,105 @@ string
</tr>
</tbody>
</table>
<h3 id="monitoring.coreos.com/v1.PodDNSConfig">PodDNSConfig
</h3>
<p>
(<em>Appears on:</em><a href="#monitoring.coreos.com/v1.AlertmanagerSpec">AlertmanagerSpec</a>, <a href="#monitoring.coreos.com/v1.CommonPrometheusFields">CommonPrometheusFields</a>, <a href="#monitoring.coreos.com/v1.ThanosRulerSpec">ThanosRulerSpec</a>)
</p>
<div>
<p>PodDNSConfig defines the DNS parameters of a pod in addition to
those generated from DNSPolicy.</p>
</div>
<table>
<thead>
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>nameservers</code><br/>
<em>
[]string
</em>
</td>
<td>
<p>A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.</p>
</td>
</tr>
<tr>
<td>
<code>searches</code><br/>
<em>
[]string
</em>
</td>
<td>
<p>A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.</p>
</td>
</tr>
<tr>
<td>
<code>options</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfigOption">
[]PodDNSConfigOption
</a>
</em>
</td>
<td>
<p>A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.</p>
</td>
</tr>
</tbody>
</table>
<h3 id="monitoring.coreos.com/v1.PodDNSConfigOption">PodDNSConfigOption
</h3>
<p>
(<em>Appears on:</em><a href="#monitoring.coreos.com/v1.PodDNSConfig">PodDNSConfig</a>)
</p>
<div>
<p>PodDNSConfigOption defines DNS resolver options of a pod.</p>
</div>
<table>
<thead>
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>name</code><br/>
<em>
string
</em>
</td>
<td>
<p>Name is required and must be unique.</p>
</td>
</tr>
<tr>
<td>
<code>value</code><br/>
<em>
string
</em>
</td>
<td>
<p>Value is optional.</p>
</td>
</tr>
</tbody>
</table>
<h3 id="monitoring.coreos.com/v1.PodMetricsEndpoint">PodMetricsEndpoint
</h3>
<p>
@ -11296,6 +11543,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>listenLocal</code><br/>
<em>
bool
@ -15155,6 +15430,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>priorityClassName</code><br/>
<em>
string
@ -17624,6 +17927,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>listenLocal</code><br/>
<em>
bool
@ -25349,6 +25680,34 @@ This defaults to the default PodSecurityContext.</p>
</tr>
<tr>
<td>
<code>dnsPolicy</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.DNSPolicy">
DNSPolicy
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS policy for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>dnsConfig</code><br/>
<em>
<a href="#monitoring.coreos.com/v1.PodDNSConfig">
PodDNSConfig
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Defines the DNS configuration for the pods.</p>
</td>
</tr>
<tr>
<td>
<code>listenLocal</code><br/>
<em>
bool

216
bundle.yaml generated
View file

@ -13494,6 +13494,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableFeatures:
description: |-
Enable access to Alertmanager feature flags. By default, no features are enabled.
@ -23675,6 +23729,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableFeatures:
description: |-
Enable access to Prometheus feature flags. By default, no features are enabled.
@ -34874,6 +34982,60 @@ spec:
disableCompaction:
description: When true, the Prometheus compaction is disabled.
type: boolean
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableAdminAPI:
description: |-
Enables access to the Prometheus web admin API.
@ -59333,6 +59495,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enforcedNamespaceLabel:
description: |-
EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert

54
example/prometheus-operator-crd-full/monitoring.coreos.com_alertmanagers.yaml generated
View file

@ -3533,6 +3533,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableFeatures:
description: |-
Enable access to Alertmanager feature flags. By default, no features are enabled.

54
example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml generated
View file

@ -2842,6 +2842,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableFeatures:
description: |-
Enable access to Prometheus feature flags. By default, no features are enabled.

54
example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml generated
View file

@ -3524,6 +3524,60 @@ spec:
disableCompaction:
description: When true, the Prometheus compaction is disabled.
type: boolean
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableAdminAPI:
description: |-
Enables access to the Prometheus web admin API.

54
example/prometheus-operator-crd-full/monitoring.coreos.com_thanosrulers.yaml generated
View file

@ -2527,6 +2527,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enforcedNamespaceLabel:
description: |-
EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert

54
example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml generated
View file

@ -3534,6 +3534,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableFeatures:
description: |-
Enable access to Alertmanager feature flags. By default, no features are enabled.

54
example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml generated
View file

@ -2843,6 +2843,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableFeatures:
description: |-
Enable access to Prometheus feature flags. By default, no features are enabled.

54
example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml generated
View file

@ -3525,6 +3525,60 @@ spec:
disableCompaction:
description: When true, the Prometheus compaction is disabled.
type: boolean
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enableAdminAPI:
description: |-
Enables access to the Prometheus web admin API.

54
example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml generated
View file

@ -2528,6 +2528,60 @@ spec:
- name
type: object
type: array
dnsConfig:
description: Defines the DNS configuration for the pods.
properties:
nameservers:
description: |-
A list of DNS name server IP addresses.
This will be appended to the base nameservers generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
options:
description: |-
A list of DNS resolver options.
This will be merged with the base options generated from DNSPolicy.
Resolution options given in Options
will override those that appear in the base DNSPolicy.
items:
description: PodDNSConfigOption defines DNS resolver options
of a pod.
properties:
name:
description: Name is required and must be unique.
minLength: 1
type: string
value:
description: Value is optional.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
searches:
description: |-
A list of DNS search domains for host-name lookup.
This will be appended to the base search paths generated from DNSPolicy.
items:
minLength: 1
type: string
type: array
x-kubernetes-list-type: set
type: object
dnsPolicy:
description: Defines the DNS policy for the pods.
enum:
- ClusterFirstWithHostNet
- ClusterFirst
- Default
- None
type: string
enforcedNamespaceLabel:
description: |-
EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert

60
jsonnet/prometheus-operator/alertmanagers-crd.json
View file

@ -3136,6 +3136,66 @@
},
"type": "array"
},
"dnsConfig": {
"description": "Defines the DNS configuration for the pods.",
"properties": {
"nameservers": {
"description": "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
},
"options": {
"description": "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nResolution options given in Options\nwill override those that appear in the base DNSPolicy.",
"items": {
"description": "PodDNSConfigOption defines DNS resolver options of a pod.",
"properties": {
"name": {
"description": "Name is required and must be unique.",
"minLength": 1,
"type": "string"
},
"value": {
"description": "Value is optional.",
"type": "string"
}
},
"required": [
"name"
],
"type": "object"
},
"type": "array",
"x-kubernetes-list-map-keys": [
"name"
],
"x-kubernetes-list-type": "map"
},
"searches": {
"description": "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
}
},
"type": "object"
},
"dnsPolicy": {
"description": "Defines the DNS policy for the pods.",
"enum": [
"ClusterFirstWithHostNet",
"ClusterFirst",
"Default",
"None"
],
"type": "string"
},
"enableFeatures": {
"description": "Enable access to Alertmanager feature flags. By default, no features are enabled.\nEnabling features which are disabled by default is entirely outside the\nscope of what the maintainers will support and by doing so, you accept\nthat this behaviour may break at any time without notice.\n\nIt requires Alertmanager >= 0.27.0.",
"items": {

60
jsonnet/prometheus-operator/prometheusagents-crd.json
View file

@ -2459,6 +2459,66 @@
},
"type": "array"
},
"dnsConfig": {
"description": "Defines the DNS configuration for the pods.",
"properties": {
"nameservers": {
"description": "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
},
"options": {
"description": "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nResolution options given in Options\nwill override those that appear in the base DNSPolicy.",
"items": {
"description": "PodDNSConfigOption defines DNS resolver options of a pod.",
"properties": {
"name": {
"description": "Name is required and must be unique.",
"minLength": 1,
"type": "string"
},
"value": {
"description": "Value is optional.",
"type": "string"
}
},
"required": [
"name"
],
"type": "object"
},
"type": "array",
"x-kubernetes-list-map-keys": [
"name"
],
"x-kubernetes-list-type": "map"
},
"searches": {
"description": "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
}
},
"type": "object"
},
"dnsPolicy": {
"description": "Defines the DNS policy for the pods.",
"enum": [
"ClusterFirstWithHostNet",
"ClusterFirst",
"Default",
"None"
],
"type": "string"
},
"enableFeatures": {
"description": "Enable access to Prometheus feature flags. By default, no features are enabled.\n\nEnabling features which are disabled by default is entirely outside the\nscope of what the maintainers will support and by doing so, you accept\nthat this behaviour may break at any time without notice.\n\nFor more information see https://prometheus.io/docs/prometheus/latest/feature_flags/",
"items": {

60
jsonnet/prometheus-operator/prometheuses-crd.json
View file

@ -3047,6 +3047,66 @@
"description": "When true, the Prometheus compaction is disabled.",
"type": "boolean"
},
"dnsConfig": {
"description": "Defines the DNS configuration for the pods.",
"properties": {
"nameservers": {
"description": "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
},
"options": {
"description": "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nResolution options given in Options\nwill override those that appear in the base DNSPolicy.",
"items": {
"description": "PodDNSConfigOption defines DNS resolver options of a pod.",
"properties": {
"name": {
"description": "Name is required and must be unique.",
"minLength": 1,
"type": "string"
},
"value": {
"description": "Value is optional.",
"type": "string"
}
},
"required": [
"name"
],
"type": "object"
},
"type": "array",
"x-kubernetes-list-map-keys": [
"name"
],
"x-kubernetes-list-type": "map"
},
"searches": {
"description": "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
}
},
"type": "object"
},
"dnsPolicy": {
"description": "Defines the DNS policy for the pods.",
"enum": [
"ClusterFirstWithHostNet",
"ClusterFirst",
"Default",
"None"
],
"type": "string"
},
"enableAdminAPI": {
"description": "Enables access to the Prometheus web admin API.\n\nWARNING: Enabling the admin APIs enables mutating endpoints, to delete data,\nshutdown Prometheus, and more. Enabling this should be done with care and the\nuser is advised to add additional authentication authorization via a proxy to\nensure only clients authorized to perform these actions can do so.\n\nFor more information:\nhttps://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis",
"type": "boolean"

60
jsonnet/prometheus-operator/thanosrulers-crd.json
View file

@ -2196,6 +2196,66 @@
},
"type": "array"
},
"dnsConfig": {
"description": "Defines the DNS configuration for the pods.",
"properties": {
"nameservers": {
"description": "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
},
"options": {
"description": "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nResolution options given in Options\nwill override those that appear in the base DNSPolicy.",
"items": {
"description": "PodDNSConfigOption defines DNS resolver options of a pod.",
"properties": {
"name": {
"description": "Name is required and must be unique.",
"minLength": 1,
"type": "string"
},
"value": {
"description": "Value is optional.",
"type": "string"
}
},
"required": [
"name"
],
"type": "object"
},
"type": "array",
"x-kubernetes-list-map-keys": [
"name"
],
"x-kubernetes-list-type": "map"
},
"searches": {
"description": "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.",
"items": {
"minLength": 1,
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "set"
}
},
"type": "object"
},
"dnsPolicy": {
"description": "Defines the DNS policy for the pods.",
"enum": [
"ClusterFirstWithHostNet",
"ClusterFirst",
"Default",
"None"
],
"type": "string"
},
"enforcedNamespaceLabel": {
"description": "EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert\nand metric that is user created. The label value will always be the namespace of the object that is\nbeing created.",
"type": "string"

13
pkg/alertmanager/statefulset.go
View file

@ -342,6 +342,17 @@ func makeStatefulSetSpec(logger *slog.Logger, a *monitoringv1.Alertmanager, conf
}
}
// Handle DNSPolicy
var dnsPolicy v1.DNSPolicy
if a.Spec.DNSPolicy != nil {
dnsPolicy = k8sutil.ConvertDNSPolicy(a.Spec.DNSPolicy)
} else {
dnsPolicy = v1.DNSClusterFirst
}
// Handle DNSConfig
dnsConfig := k8sutil.ConvertToK8sDNSConfig(a.Spec.DNSConfig)
podAnnotations := map[string]string{}
podLabels := map[string]string{
"app.kubernetes.io/version": version.String(),
@ -781,6 +792,8 @@ func makeStatefulSetSpec(logger *slog.Logger, a *monitoringv1.Alertmanager, conf
Affinity: a.Spec.Affinity,
TopologySpreadConstraints: a.Spec.TopologySpreadConstraints,
HostAliases: operator.MakeHostAliases(a.Spec.HostAliases),
DNSPolicy: dnsPolicy,
DNSConfig: dnsConfig,
},
},
}, nil

33
pkg/alertmanager/statefulset_test.go
View file

@ -29,8 +29,10 @@ import (
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/intstr"
"k8s.io/utils/ptr"
monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"github.com/prometheus-operator/prometheus-operator/pkg/k8sutil"
"github.com/prometheus-operator/prometheus-operator/pkg/operator"
)
@ -1279,3 +1281,34 @@ func TestEnableFeatures(t *testing.T) {
})
}
}
func TestStatefulSetDNSPolicyAndDNSConfig(t *testing.T) {
k8sDNSPolicy := v1.DNSClusterFirst
k8sDNSConfig := monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.8.8"},
Searches: []string{"custom.search"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptr.To("5"),
},
},
}
monitoringDNSPolicyPtr := ptr.To(monitoringv1.DNSPolicy(k8sDNSPolicy))
convertedDNSConfig := k8sutil.ConvertToK8sDNSConfig(&k8sDNSConfig)
sset, err := makeStatefulSet(nil, &monitoringv1.Alertmanager{
ObjectMeta: metav1.ObjectMeta{},
Spec: monitoringv1.AlertmanagerSpec{
DNSPolicy: monitoringDNSPolicyPtr,
DNSConfig: &k8sDNSConfig,
},
}, defaultTestConfig, "", &operator.ShardedSecret{})
require.NoError(t, err)
require.Equal(t, k8sDNSPolicy, sset.Spec.Template.Spec.DNSPolicy, "expected dns policy to match")
require.Equal(t, *convertedDNSConfig, *sset.Spec.Template.Spec.DNSConfig, "expected dns configuration to match")
}

8
pkg/apis/monitoring/v1/alertmanager_types.go
View file

@ -177,6 +177,14 @@ type AlertmanagerSpec struct {
// SecurityContext holds pod-level security attributes and common container settings.
// This defaults to the default PodSecurityContext.
SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"`
// Defines the DNS policy for the pods.
//
// +optional
DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"`
// Defines the DNS configuration for the pods.
//
// +optional
DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"`
// ServiceAccountName is the name of the ServiceAccount to use to run the
// Prometheus Pods.
ServiceAccountName string `json:"serviceAccountName,omitempty"`

56
pkg/apis/monitoring/v1/dns_types.go Normal file
View file

@ -0,0 +1,56 @@
// Copyright 2024 The prometheus-operator Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package v1
// PodDNSConfig defines the DNS parameters of a pod in addition to
// those generated from DNSPolicy.
type PodDNSConfig struct {
// A list of DNS name server IP addresses.
// This will be appended to the base nameservers generated from DNSPolicy.
// +kubebuilder:validation:Optional
// +listType:=set
// +kubebuilder:validation:items:MinLength:=1
Nameservers []string `json:"nameservers,omitempty"`
// A list of DNS search domains for host-name lookup.
// This will be appended to the base search paths generated from DNSPolicy.
// +kubebuilder:validation:Optional
// +listType:=set
// +kubebuilder:validation:items:MinLength:=1
Searches []string `json:"searches,omitempty"`
// A list of DNS resolver options.
// This will be merged with the base options generated from DNSPolicy.
// Resolution options given in Options
// will override those that appear in the base DNSPolicy.
// +kubebuilder:validation:Optional
// +listType=map
// +listMapKey=name
Options []PodDNSConfigOption `json:"options,omitempty"`
}
// PodDNSConfigOption defines DNS resolver options of a pod.
type PodDNSConfigOption struct {
// Name is required and must be unique.
// +kubebuilder:validation:MinLength=1
Name string `json:"name"`
// Value is optional.
// +kubebuilder:validation:Optional
Value *string `json:"value,omitempty"`
}
// DNSPolicy specifies the DNS policy for the pod.
// +kubebuilder:validation:Enum=ClusterFirstWithHostNet;ClusterFirst;Default;None
type DNSPolicy string

8
pkg/apis/monitoring/v1/prometheus_types.go
View file

@ -402,6 +402,14 @@ type CommonPrometheusFields struct {
// +optional
SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"`
// Defines the DNS policy for the pods.
//
// +optional
DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"`
// Defines the DNS configuration for the pods.
//
// +optional
DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"`
// When true, the Prometheus server listens on the loopback address
// instead of the Pod IP's address.
ListenLocal bool `json:"listenLocal,omitempty"`

9
pkg/apis/monitoring/v1/thanos_types.go
View file

@ -110,6 +110,15 @@ type ThanosRulerSpec struct {
// SecurityContext holds pod-level security attributes and common container settings.
// This defaults to the default PodSecurityContext.
SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"`
// Defines the DNS policy for the pods.
//
// +optional
DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"`
// Defines the DNS configuration for the pods.
//
// +optional
DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"`
// Priority class assigned to the Pods
PriorityClassName string `json:"priorityClassName,omitempty"`
// ServiceAccountName is the name of the ServiceAccount to use to run the

82
pkg/apis/monitoring/v1/zz_generated.deepcopy.go generated
View file

@ -356,6 +356,16 @@ func (in *AlertmanagerSpec) DeepCopyInto(out *AlertmanagerSpec) {
*out = new(corev1.PodSecurityContext)
(*in).DeepCopyInto(*out)
}
if in.DNSPolicy != nil {
in, out := &in.DNSPolicy, &out.DNSPolicy
*out = new(DNSPolicy)
**out = **in
}
if in.DNSConfig != nil {
in, out := &in.DNSConfig, &out.DNSConfig
*out = new(PodDNSConfig)
(*in).DeepCopyInto(*out)
}
if in.Containers != nil {
in, out := &in.Containers, &out.Containers
*out = make([]corev1.Container, len(*in))
@ -835,6 +845,16 @@ func (in *CommonPrometheusFields) DeepCopyInto(out *CommonPrometheusFields) {
*out = new(corev1.PodSecurityContext)
(*in).DeepCopyInto(*out)
}
if in.DNSPolicy != nil {
in, out := &in.DNSPolicy, &out.DNSPolicy
*out = new(DNSPolicy)
**out = **in
}
if in.DNSConfig != nil {
in, out := &in.DNSConfig, &out.DNSConfig
*out = new(PodDNSConfig)
(*in).DeepCopyInto(*out)
}
if in.Containers != nil {
in, out := &in.Containers, &out.Containers
*out = make([]corev1.Container, len(*in))
@ -1501,6 +1521,58 @@ func (in *ObjectReference) DeepCopy() *ObjectReference {
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PodDNSConfig) DeepCopyInto(out *PodDNSConfig) {
*out = *in
if in.Nameservers != nil {
in, out := &in.Nameservers, &out.Nameservers
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.Searches != nil {
in, out := &in.Searches, &out.Searches
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.Options != nil {
in, out := &in.Options, &out.Options
*out = make([]PodDNSConfigOption, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDNSConfig.
func (in *PodDNSConfig) DeepCopy() *PodDNSConfig {
if in == nil {
return nil
}
out := new(PodDNSConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PodDNSConfigOption) DeepCopyInto(out *PodDNSConfigOption) {
*out = *in
if in.Value != nil {
in, out := &in.Value, &out.Value
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDNSConfigOption.
func (in *PodDNSConfigOption) DeepCopy() *PodDNSConfigOption {
if in == nil {
return nil
}
out := new(PodDNSConfigOption)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PodMetricsEndpoint) DeepCopyInto(out *PodMetricsEndpoint) {
*out = *in
@ -3141,6 +3213,16 @@ func (in *ThanosRulerSpec) DeepCopyInto(out *ThanosRulerSpec) {
*out = new(corev1.PodSecurityContext)
(*in).DeepCopyInto(*out)
}
if in.DNSPolicy != nil {
in, out := &in.DNSPolicy, &out.DNSPolicy
*out = new(DNSPolicy)
**out = **in
}
if in.DNSConfig != nil {
in, out := &in.DNSConfig, &out.DNSConfig
*out = new(PodDNSConfig)
(*in).DeepCopyInto(*out)
}
if in.Storage != nil {
in, out := &in.Storage, &out.Storage
*out = new(StorageSpec)

18
pkg/client/applyconfiguration/monitoring/v1/alertmanagerspec.go
View file

@ -52,6 +52,8 @@ type AlertmanagerSpecApplyConfiguration struct {
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
DNSPolicy *monitoringv1.DNSPolicy `json:"dnsPolicy,omitempty"`
DNSConfig *PodDNSConfigApplyConfiguration `json:"dnsConfig,omitempty"`
ServiceAccountName *string `json:"serviceAccountName,omitempty"`
ListenLocal *bool `json:"listenLocal,omitempty"`
Containers []corev1.Container `json:"containers,omitempty"`
@ -318,6 +320,22 @@ func (b *AlertmanagerSpecApplyConfiguration) WithSecurityContext(value corev1.Po
return b
}
// WithDNSPolicy sets the DNSPolicy field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSPolicy field is set to the value of the last call.
func (b *AlertmanagerSpecApplyConfiguration) WithDNSPolicy(value monitoringv1.DNSPolicy) *AlertmanagerSpecApplyConfiguration {
b.DNSPolicy = &value
return b
}
// WithDNSConfig sets the DNSConfig field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSConfig field is set to the value of the last call.
func (b *AlertmanagerSpecApplyConfiguration) WithDNSConfig(value *PodDNSConfigApplyConfiguration) *AlertmanagerSpecApplyConfiguration {
b.DNSConfig = value
return b
}
// WithServiceAccountName sets the ServiceAccountName field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the ServiceAccountName field is set to the value of the last call.

18
pkg/client/applyconfiguration/monitoring/v1/commonprometheusfields.go
View file

@ -71,6 +71,8 @@ type CommonPrometheusFieldsApplyConfiguration struct {
RemoteWrite []RemoteWriteSpecApplyConfiguration `json:"remoteWrite,omitempty"`
OTLP *OTLPConfigApplyConfiguration `json:"otlp,omitempty"`
SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
DNSPolicy *monitoringv1.DNSPolicy `json:"dnsPolicy,omitempty"`
DNSConfig *PodDNSConfigApplyConfiguration `json:"dnsConfig,omitempty"`
ListenLocal *bool `json:"listenLocal,omitempty"`
Containers []corev1.Container `json:"containers,omitempty"`
InitContainers []corev1.Container `json:"initContainers,omitempty"`
@ -516,6 +518,22 @@ func (b *CommonPrometheusFieldsApplyConfiguration) WithSecurityContext(value cor
return b
}
// WithDNSPolicy sets the DNSPolicy field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSPolicy field is set to the value of the last call.
func (b *CommonPrometheusFieldsApplyConfiguration) WithDNSPolicy(value monitoringv1.DNSPolicy) *CommonPrometheusFieldsApplyConfiguration {
b.DNSPolicy = &value
return b
}
// WithDNSConfig sets the DNSConfig field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSConfig field is set to the value of the last call.
func (b *CommonPrometheusFieldsApplyConfiguration) WithDNSConfig(value *PodDNSConfigApplyConfiguration) *CommonPrometheusFieldsApplyConfiguration {
b.DNSConfig = value
return b
}
// WithListenLocal sets the ListenLocal field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the ListenLocal field is set to the value of the last call.

64
pkg/client/applyconfiguration/monitoring/v1/poddnsconfig.go Normal file
View file

@ -0,0 +1,64 @@
// Copyright The prometheus-operator Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v1
// PodDNSConfigApplyConfiguration represents a declarative configuration of the PodDNSConfig type for use
// with apply.
type PodDNSConfigApplyConfiguration struct {
Nameservers []string `json:"nameservers,omitempty"`
Searches []string `json:"searches,omitempty"`
Options []PodDNSConfigOptionApplyConfiguration `json:"options,omitempty"`
}
// PodDNSConfigApplyConfiguration constructs a declarative configuration of the PodDNSConfig type for use with
// apply.
func PodDNSConfig() *PodDNSConfigApplyConfiguration {
return &PodDNSConfigApplyConfiguration{}
}
// WithNameservers adds the given value to the Nameservers field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the Nameservers field.
func (b *PodDNSConfigApplyConfiguration) WithNameservers(values ...string) *PodDNSConfigApplyConfiguration {
for i := range values {
b.Nameservers = append(b.Nameservers, values[i])
}
return b
}
// WithSearches adds the given value to the Searches field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the Searches field.
func (b *PodDNSConfigApplyConfiguration) WithSearches(values ...string) *PodDNSConfigApplyConfiguration {
for i := range values {
b.Searches = append(b.Searches, values[i])
}
return b
}
// WithOptions adds the given value to the Options field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the Options field.
func (b *PodDNSConfigApplyConfiguration) WithOptions(values ...*PodDNSConfigOptionApplyConfiguration) *PodDNSConfigApplyConfiguration {
for i := range values {
if values[i] == nil {
panic("nil value passed to WithOptions")
}
b.Options = append(b.Options, *values[i])
}
return b
}

46
pkg/client/applyconfiguration/monitoring/v1/poddnsconfigoption.go Normal file
View file

@ -0,0 +1,46 @@
// Copyright The prometheus-operator Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v1
// PodDNSConfigOptionApplyConfiguration represents a declarative configuration of the PodDNSConfigOption type for use
// with apply.
type PodDNSConfigOptionApplyConfiguration struct {
Name *string `json:"name,omitempty"`
Value *string `json:"value,omitempty"`
}
// PodDNSConfigOptionApplyConfiguration constructs a declarative configuration of the PodDNSConfigOption type for use with
// apply.
func PodDNSConfigOption() *PodDNSConfigOptionApplyConfiguration {
return &PodDNSConfigOptionApplyConfiguration{}
}
// WithName sets the Name field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Name field is set to the value of the last call.
func (b *PodDNSConfigOptionApplyConfiguration) WithName(value string) *PodDNSConfigOptionApplyConfiguration {
b.Name = &value
return b
}
// WithValue sets the Value field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Value field is set to the value of the last call.
func (b *PodDNSConfigOptionApplyConfiguration) WithValue(value string) *PodDNSConfigOptionApplyConfiguration {
b.Value = &value
return b
}

16
pkg/client/applyconfiguration/monitoring/v1/prometheusspec.go
View file

@ -455,6 +455,22 @@ func (b *PrometheusSpecApplyConfiguration) WithSecurityContext(value corev1.PodS
return b
}
// WithDNSPolicy sets the DNSPolicy field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSPolicy field is set to the value of the last call.
func (b *PrometheusSpecApplyConfiguration) WithDNSPolicy(value monitoringv1.DNSPolicy) *PrometheusSpecApplyConfiguration {
b.DNSPolicy = &value
return b
}
// WithDNSConfig sets the DNSConfig field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSConfig field is set to the value of the last call.
func (b *PrometheusSpecApplyConfiguration) WithDNSConfig(value *PodDNSConfigApplyConfiguration) *PrometheusSpecApplyConfiguration {
b.DNSConfig = value
return b
}
// WithListenLocal sets the ListenLocal field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the ListenLocal field is set to the value of the last call.

18
pkg/client/applyconfiguration/monitoring/v1/thanosrulerspec.go
View file

@ -38,6 +38,8 @@ type ThanosRulerSpecApplyConfiguration struct {
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
DNSPolicy *monitoringv1.DNSPolicy `json:"dnsPolicy,omitempty"`
DNSConfig *PodDNSConfigApplyConfiguration `json:"dnsConfig,omitempty"`
PriorityClassName *string `json:"priorityClassName,omitempty"`
ServiceAccountName *string `json:"serviceAccountName,omitempty"`
Storage *StorageSpecApplyConfiguration `json:"storage,omitempty"`
@ -200,6 +202,22 @@ func (b *ThanosRulerSpecApplyConfiguration) WithSecurityContext(value corev1.Pod
return b
}
// WithDNSPolicy sets the DNSPolicy field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSPolicy field is set to the value of the last call.
func (b *ThanosRulerSpecApplyConfiguration) WithDNSPolicy(value monitoringv1.DNSPolicy) *ThanosRulerSpecApplyConfiguration {
b.DNSPolicy = &value
return b
}
// WithDNSConfig sets the DNSConfig field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSConfig field is set to the value of the last call.
func (b *ThanosRulerSpecApplyConfiguration) WithDNSConfig(value *PodDNSConfigApplyConfiguration) *ThanosRulerSpecApplyConfiguration {
b.DNSConfig = value
return b
}
// WithPriorityClassName sets the PriorityClassName field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the PriorityClassName field is set to the value of the last call.

16
pkg/client/applyconfiguration/monitoring/v1alpha1/prometheusagentspec.go
View file

@ -443,6 +443,22 @@ func (b *PrometheusAgentSpecApplyConfiguration) WithSecurityContext(value corev1
return b
}
// WithDNSPolicy sets the DNSPolicy field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSPolicy field is set to the value of the last call.
func (b *PrometheusAgentSpecApplyConfiguration) WithDNSPolicy(value monitoringv1.DNSPolicy) *PrometheusAgentSpecApplyConfiguration {
b.DNSPolicy = &value
return b
}
// WithDNSConfig sets the DNSConfig field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DNSConfig field is set to the value of the last call.
func (b *PrometheusAgentSpecApplyConfiguration) WithDNSConfig(value *v1.PodDNSConfigApplyConfiguration) *PrometheusAgentSpecApplyConfiguration {
b.DNSConfig = value
return b
}
// WithListenLocal sets the ListenLocal field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the ListenLocal field is set to the value of the last call.

4
pkg/client/applyconfiguration/utils.go
View file

@ -104,6 +104,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
return &monitoringv1.ObjectReferenceApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("OTLPConfig"):
return &monitoringv1.OTLPConfigApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("PodDNSConfig"):
return &monitoringv1.PodDNSConfigApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("PodDNSConfigOption"):
return &monitoringv1.PodDNSConfigOptionApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("PodMetricsEndpoint"):
return &monitoringv1.PodMetricsEndpointApplyConfiguration{}
case v1.SchemeGroupVersion.WithKind("PodMonitor"):

29
pkg/k8sutil/k8sutil.go
View file

@ -538,3 +538,32 @@ func mergeMapsByPrefix(from map[string]string, to map[string]string, prefix stri
return to
}
// ConvertToK8sDNSConfig converts a monitoringv1.PodDNSConfig to a corev1.PodDNSConfig.
func ConvertToK8sDNSConfig(config *monitoringv1.PodDNSConfig) *v1.PodDNSConfig {
if config == nil {
return nil
}
k8sConfig := &v1.PodDNSConfig{
Nameservers: config.Nameservers,
Searches: config.Searches,
}
for _, opt := range config.Options {
k8sConfig.Options = append(k8sConfig.Options, v1.PodDNSConfigOption{
Name: opt.Name,
Value: opt.Value,
})
}
return k8sConfig
}
// ConvertDNSPolicy converts a monitoringv1.DNSPolicy to a corev1.DNSPolicy.
func ConvertDNSPolicy(dnsPolicy *monitoringv1.DNSPolicy) v1.DNSPolicy {
if dnsPolicy == nil {
return v1.DNSClusterFirst
}
return v1.DNSPolicy(*dnsPolicy)
}

38
pkg/k8sutil/k8sutil_test.go
View file

@ -26,6 +26,8 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/validation"
"k8s.io/client-go/kubernetes/fake"
monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
)
func TestUniqueVolumeName(t *testing.T) {
@ -520,3 +522,39 @@ func TestCreateOrUpdateImmutableFields(t *testing.T) {
service.Spec.IPFamilyPolicy, modifiedSvc.Spec.IPFamilyPolicy)
})
}
func TestConvertToK8sDNSConfig(t *testing.T) {
monitoringDNSConfig := &monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.8.8", "8.8.4.4"},
Searches: []string{"custom.search"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptrTo("5"),
},
{
Name: "timeout",
Value: ptrTo("1"),
},
},
}
k8sDNSConfig := ConvertToK8sDNSConfig(monitoringDNSConfig)
// Verify the conversion matches the original content
require.Equal(t, monitoringDNSConfig.Nameservers, k8sDNSConfig.Nameservers, "expected nameservers to match")
require.Equal(t, monitoringDNSConfig.Searches, k8sDNSConfig.Searches, "expected searches to match")
// Check if DNSConfig options match
require.Equal(t, len(monitoringDNSConfig.Options), len(k8sDNSConfig.Options), "expected options length to match")
for i, option := range monitoringDNSConfig.Options {
k8sOption := k8sDNSConfig.Options[i]
require.Equal(t, option.Name, k8sOption.Name, "expected option names to match")
require.Equal(t, option.Value, k8sOption.Value, "expected option values to match")
}
}
// ptrTo is a helper function to get a pointer to a string value.
func ptrTo(val string) *string {
return &val
}

48
pkg/prometheus/agent/statefulset.go
View file

@ -281,6 +281,34 @@ func makeStatefulSetSpec(
return nil, fmt.Errorf("failed to merge containers spec: %w", err)
}
spec := v1.PodSpec{
ShareProcessNamespace: prompkg.ShareProcessNamespace(p),
Containers: containers,
InitContainers: initContainers,
SecurityContext: cpf.SecurityContext,
ServiceAccountName: cpf.ServiceAccountName,
AutomountServiceAccountToken: ptr.To(ptr.Deref(cpf.AutomountServiceAccountToken, true)),
NodeSelector: cpf.NodeSelector,
PriorityClassName: cpf.PriorityClassName,
TerminationGracePeriodSeconds: ptr.To(int64(600)),
Volumes: volumes,
Tolerations: cpf.Tolerations,
Affinity: cpf.Affinity,
TopologySpreadConstraints: prompkg.MakeK8sTopologySpreadConstraint(finalSelectorLabels, cpf.TopologySpreadConstraints),
HostAliases: operator.MakeHostAliases(cpf.HostAliases),
HostNetwork: cpf.HostNetwork,
}
// Set DNSPolicy if not nil
if cpf.DNSPolicy != nil {
spec.DNSPolicy = k8sutil.ConvertDNSPolicy(cpf.DNSPolicy)
}
// Set DNSConfig if not nil
if cpf.DNSConfig != nil {
spec.DNSConfig = k8sutil.ConvertToK8sDNSConfig(cpf.DNSConfig)
}
// PodManagementPolicy is set to Parallel to mitigate issues in kubernetes: https://github.com/kubernetes/kubernetes/issues/60164
// This is also mentioned as one of limitations of StatefulSets: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#limitations
return &appsv1.StatefulSetSpec{
@ -299,25 +327,7 @@ func makeStatefulSetSpec(
Labels: finalLabels,
Annotations: podAnnotations,
},
Spec: v1.PodSpec{
ShareProcessNamespace: prompkg.ShareProcessNamespace(p),
Containers: containers,
InitContainers: initContainers,
SecurityContext: cpf.SecurityContext,
ServiceAccountName: cpf.ServiceAccountName,
AutomountServiceAccountToken: ptr.To(ptr.Deref(cpf.AutomountServiceAccountToken, true)),
NodeSelector: cpf.NodeSelector,
PriorityClassName: cpf.PriorityClassName,
// Prometheus may take quite long to shut down to checkpoint existing data.
// Allow up to 10 minutes for clean termination.
TerminationGracePeriodSeconds: ptr.To(int64(600)),
Volumes: volumes,
Tolerations: cpf.Tolerations,
Affinity: cpf.Affinity,
TopologySpreadConstraints: prompkg.MakeK8sTopologySpreadConstraint(finalSelectorLabels, cpf.TopologySpreadConstraints),
HostAliases: operator.MakeHostAliases(cpf.HostAliases),
HostNetwork: cpf.HostNetwork,
},
Spec: spec,
},
}, nil
}

45
pkg/prometheus/agent/statefulset_test.go
View file

@ -219,3 +219,48 @@ func TestAutomountServiceAccountToken(t *testing.T) {
})
}
}
func TestStatefulSetDNSPolicyAndDNSConfig(t *testing.T) {
// Monitoring DNS settings
monitoringDNSPolicy := v1.DNSClusterFirst
monitoringDNSConfig := &monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.8.8", "8.8.4.4"},
Searches: []string{"custom.search"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptr.To("5"),
},
},
}
monitoringDNSPolicyPtr := ptr.To(monitoringv1.DNSPolicy(monitoringDNSPolicy))
// Create the PrometheusAgent object with DNS settings
prometheusAgent := monitoringv1alpha1.PrometheusAgent{
Spec: monitoringv1alpha1.PrometheusAgentSpec{
CommonPrometheusFields: monitoringv1.CommonPrometheusFields{
DNSPolicy: monitoringDNSPolicyPtr,
DNSConfig: monitoringDNSConfig,
},
},
}
// Generate the StatefulSet
sset, err := makeStatefulSetFromPrometheus(prometheusAgent)
require.NoError(t, err)
// Validate the DNS Policy
require.Equal(t, v1.DNSClusterFirst, sset.Spec.Template.Spec.DNSPolicy, "expected DNS policy to match")
// Validate the DNS Config
require.NotNil(t, sset.Spec.Template.Spec.DNSConfig, "expected DNS config to be set")
require.Equal(t, monitoringDNSConfig.Nameservers, sset.Spec.Template.Spec.DNSConfig.Nameservers, "expected nameservers to match")
require.Equal(t, monitoringDNSConfig.Searches, sset.Spec.Template.Spec.DNSConfig.Searches, "expected searches to match")
require.Equal(t, len(monitoringDNSConfig.Options), len(sset.Spec.Template.Spec.DNSConfig.Options), "expected options length to match")
for i, option := range monitoringDNSConfig.Options {
k8sOption := sset.Spec.Template.Spec.DNSConfig.Options[i]
require.Equal(t, option.Name, k8sOption.Name, "expected option names to match")
require.Equal(t, option.Value, k8sOption.Value, "expected option values to match")
}
}

2
pkg/prometheus/server/statefulset.go
View file

@ -399,6 +399,8 @@ func makeStatefulSetSpec(
TopologySpreadConstraints: prompkg.MakeK8sTopologySpreadConstraint(finalSelectorLabels, cpf.TopologySpreadConstraints),
HostAliases: operator.MakeHostAliases(cpf.HostAliases),
HostNetwork: cpf.HostNetwork,
DNSPolicy: k8sutil.ConvertDNSPolicy(cpf.DNSPolicy),
DNSConfig: k8sutil.ConvertToK8sDNSConfig(cpf.DNSConfig),
},
},
}, nil

83
pkg/prometheus/server/statefulset_test.go
View file

@ -2829,3 +2829,86 @@ func TestAutomountServiceAccountToken(t *testing.T) {
})
}
}
func TestDNSPolicyAndDNSConfig(t *testing.T) {
tests := []struct {
name string
dnsPolicy v1.DNSPolicy
dnsConfig *v1.PodDNSConfig
expectedDNSPolicy v1.DNSPolicy
expectedDNSConfig *v1.PodDNSConfig
}{
{
name: "Default DNSPolicy and DNSConfig",
dnsPolicy: v1.DNSClusterFirst,
dnsConfig: nil,
expectedDNSPolicy: v1.DNSClusterFirst,
expectedDNSConfig: nil,
},
{
name: "Custom DNSPolicy",
dnsPolicy: v1.DNSDefault,
dnsConfig: nil,
expectedDNSPolicy: v1.DNSDefault,
expectedDNSConfig: nil,
},
{
name: "Custom DNSConfig",
dnsPolicy: v1.DNSClusterFirst,
dnsConfig: &v1.PodDNSConfig{
Nameservers: []string{"8.8.8.8", "8.8.4.4"},
Searches: []string{"custom.svc.cluster.local"},
},
expectedDNSPolicy: v1.DNSClusterFirst,
expectedDNSConfig: &v1.PodDNSConfig{
Nameservers: []string{"8.8.8.8", "8.8.4.4"},
Searches: []string{"custom.svc.cluster.local"},
},
},
{
name: "Custom DNS Policy with Search Domains",
dnsPolicy: v1.DNSDefault,
dnsConfig: &v1.PodDNSConfig{
Searches: []string{"kitsos.com", "kitsos.org"},
},
expectedDNSPolicy: v1.DNSDefault,
expectedDNSConfig: &v1.PodDNSConfig{
Searches: []string{"kitsos.com", "kitsos.org"},
},
},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
monitoringDNSPolicyPtr := ptr.To(monitoringv1.DNSPolicy(test.dnsPolicy))
var monitoringDNSConfig *monitoringv1.PodDNSConfig
if test.dnsConfig != nil {
monitoringDNSConfig = &monitoringv1.PodDNSConfig{
Nameservers: test.dnsConfig.Nameservers,
Searches: test.dnsConfig.Searches,
}
}
sset, err := makeStatefulSetFromPrometheus(monitoringv1.Prometheus{
ObjectMeta: metav1.ObjectMeta{},
Spec: monitoringv1.PrometheusSpec{
CommonPrometheusFields: monitoringv1.CommonPrometheusFields{
DNSPolicy: monitoringDNSPolicyPtr,
DNSConfig: monitoringDNSConfig,
},
},
})
require.NoError(t, err)
require.Equal(t, test.expectedDNSPolicy, sset.Spec.Template.Spec.DNSPolicy, "expected DNSPolicy to match, want %v, got %v", test.expectedDNSPolicy, sset.Spec.Template.Spec.DNSPolicy)
if test.expectedDNSConfig != nil {
require.NotNil(t, sset.Spec.Template.Spec.DNSConfig, "expected DNSConfig to be set")
require.Equal(t, test.expectedDNSConfig.Nameservers, sset.Spec.Template.Spec.DNSConfig.Nameservers, "expected DNSConfig Nameservers to match, want %v, got %v", test.expectedDNSConfig.Nameservers, sset.Spec.Template.Spec.DNSConfig.Nameservers)
require.Equal(t, test.expectedDNSConfig.Searches, sset.Spec.Template.Spec.DNSConfig.Searches, "expected DNSConfig Searches to match, want %v, got %v", test.expectedDNSConfig.Searches, sset.Spec.Template.Spec.DNSConfig.Searches)
} else {
require.Nil(t, sset.Spec.Template.Spec.DNSConfig, "expected DNSConfig to be nil")
}
})
}
}

13
pkg/thanos/statefulset.go
View file

@ -358,6 +358,17 @@ func makeStatefulSetSpec(tr *monitoringv1.ThanosRuler, config Config, ruleConfig
)
}
// Handle DNSPolicy
var dnsPolicy v1.DNSPolicy
if tr.Spec.DNSPolicy != nil {
dnsPolicy = k8sutil.ConvertDNSPolicy(tr.Spec.DNSPolicy)
} else {
dnsPolicy = v1.DNSClusterFirst
}
// Handle DNSConfig
dnsConfig := k8sutil.ConvertToK8sDNSConfig(tr.Spec.DNSConfig)
podAnnotations := map[string]string{}
podLabels := map[string]string{}
if tr.Spec.PodMetadata != nil {
@ -472,6 +483,8 @@ func makeStatefulSetSpec(tr *monitoringv1.ThanosRuler, config Config, ruleConfig
Affinity: tr.Spec.Affinity,
TopologySpreadConstraints: tr.Spec.TopologySpreadConstraints,
HostAliases: operator.MakeHostAliases(tr.Spec.HostAliases),
DNSPolicy: dnsPolicy,
DNSConfig: dnsConfig,
},
},
}, nil

35
pkg/thanos/statefulset_test.go
View file

@ -24,8 +24,10 @@ import (
appsv1 "k8s.io/api/apps/v1"
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/utils/ptr"
monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"github.com/prometheus-operator/prometheus-operator/pkg/k8sutil"
"github.com/prometheus-operator/prometheus-operator/pkg/operator"
)
@ -981,3 +983,36 @@ func TestThanosVersion(t *testing.T) {
})
}
}
func TestStatefulSetDNSPolicyAndDNSConfig(t *testing.T) {
k8sDNSPolicy := v1.DNSClusterFirst
monitoringDNSConfig := monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.8.8"},
Searches: []string{"custom.search"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptr.To("5"),
},
},
}
k8sDNSConfig := k8sutil.ConvertToK8sDNSConfig(&monitoringDNSConfig)
monitoringDNSPolicyPtr := ptr.To(monitoringv1.DNSPolicy(k8sDNSPolicy))
sset, err := makeStatefulSet(&monitoringv1.ThanosRuler{
ObjectMeta: metav1.ObjectMeta{},
Spec: monitoringv1.ThanosRulerSpec{
QueryEndpoints: emptyQueryEndpoints,
DNSPolicy: monitoringDNSPolicyPtr,
DNSConfig: &monitoringDNSConfig,
},
}, defaultTestConfig, nil, "", &operator.ShardedSecret{})
require.NoError(t, err)
require.Equal(t, k8sDNSPolicy, sset.Spec.Template.Spec.DNSPolicy, "expected DNS policy to match")
require.Equal(t, k8sDNSConfig, sset.Spec.Template.Spec.DNSConfig, "expected DNS configuration to match")
}

74
test/e2e/alertmanager_test.go
View file

@ -2395,6 +2395,80 @@ func testAlertmanagerCRDValidation(t *testing.T) {
},
expectedError: true,
},
{
name: "valid-dns-policy-and-config",
alertmanagerSpec: monitoringv1.AlertmanagerSpec{
Replicas: &replicas,
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("ClusterFirst")),
DNSConfig: &monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.8.8"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptr.To("5"),
},
},
},
},
expectedError: false,
},
{
name: "invalid-dns-policy",
alertmanagerSpec: monitoringv1.AlertmanagerSpec{
Replicas: &replicas,
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("InvalidPolicy")),
},
expectedError: true,
},
{
name: "valid-dns-config",
alertmanagerSpec: monitoringv1.AlertmanagerSpec{
Replicas: &replicas,
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("ClusterFirst")),
DNSConfig: &monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.4.4"},
Searches: []string{"svc.cluster.local"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptr.To("5"),
},
{
Name: "timeout",
Value: ptr.To("2"),
},
},
},
},
expectedError: false,
},
{
name: "invalid-dns-config-nameservers",
alertmanagerSpec: monitoringv1.AlertmanagerSpec{
Replicas: &replicas,
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("ClusterFirst")),
DNSConfig: &monitoringv1.PodDNSConfig{
Nameservers: []string{""}, // Empty string violates MinLength constraint
},
},
expectedError: true,
},
{
name: "invalid-dns-config-options",
alertmanagerSpec: monitoringv1.AlertmanagerSpec{
Replicas: &replicas,
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("ClusterFirst")),
DNSConfig: &monitoringv1.PodDNSConfig{
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "", // Empty string violates MinLength constraint
Value: ptr.To("some-value"),
},
},
},
},
expectedError: true,
},
}
for _, test := range tests {

43
test/e2e/prometheus_test.go
View file

@ -4643,6 +4643,49 @@ func testPrometheusCRDValidation(t *testing.T) {
},
expectedError: true,
},
{
name: "valid-dns-policy-and-config",
prometheusSpec: monitoringv1.PrometheusSpec{
CommonPrometheusFields: monitoringv1.CommonPrometheusFields{
Replicas: &replicas,
Version: operator.DefaultPrometheusVersion,
ServiceAccountName: "prometheus",
Resources: v1.ResourceRequirements{
Requests: v1.ResourceList{
v1.ResourceMemory: resource.MustParse("400Mi"),
},
},
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("ClusterFirst")),
DNSConfig: &monitoringv1.PodDNSConfig{
Nameservers: []string{"8.8.8.8"},
Options: []monitoringv1.PodDNSConfigOption{
{
Name: "ndots",
Value: ptr.To("5"),
},
},
},
},
},
expectedError: false,
},
{
name: "invalid-dns-policy",
prometheusSpec: monitoringv1.PrometheusSpec{
CommonPrometheusFields: monitoringv1.CommonPrometheusFields{
Replicas: &replicas,
Version: operator.DefaultPrometheusVersion,
ServiceAccountName: "prometheus",
Resources: v1.ResourceRequirements{
Requests: v1.ResourceList{
v1.ResourceMemory: resource.MustParse("400Mi"),
},
},
DNSPolicy: ptr.To(monitoringv1.DNSPolicy("InvalidPolicy")),
},
},
expectedError: true,
},
//
// Alertmanagers-Endpoints tests
{