prometheus-operator/Documentation/api.md at cc47b1e160f16b336c97aac8e23bc938d1ff29f8

mirror of https://github.com/prometheus-operator/prometheus-operator.git synced 2025-04-16 01:06:27 +00:00

Arthur Silva Sens cc47b1e160

* Introduce PrometheusAgent CRD

Operator is able to run with PrometheusAgent resources in the cluster, but doesn't do anything with them yet. This is the first step to implement the Prometheus Agent Operator.

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>

* Re-enable configmap and secret informers

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 1a71db03db6b41cd0cee9d0193b6ea3884bb5bae)

* Implement Resolve for Agent operator

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 49558165b9178b6c1bda833a48f7bfe1468c942a)

* Operator is able to create Agent Statefulset

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 7a3826683c92f917312c866a2bb6401dc54b95f2)

* Agent Operator creates secret from ServiceMonitors

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 11232669befb4de9d0765dfadfe5fae00b575f11)

* Agent Operator creates secret from PodMonitors

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 5ae551734bac2babc056c86443d15729d43d12b0)

* Agent Operator creates secret from Probes

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 9637612fbbe9617335fd6188271ebf2cc74a3693)

* Agent Operator configures remote-write

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit c4bdf230d527e19f8b77ca5f938b9254ed344f7d)

* Agent Operator configures additionalScrapeConfigs

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit d9f28db764641e682bf4fe8963310f791979c387)

* Implement UpdateStatus

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit c546ecaf3e8b73916df44a8f48b279c6988e32f5)

* Add resource handlers

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 5b83359445e20f88ea5fff80302fce62d58058b9)

* make format

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
(cherry picked from commit 6507964ba28f4ebf32ce3203db752444e288c45d)

* Only start agent operator if there is enough permission

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>

* Remove node endpoint syncronization from agent operator

The server operator already handles it

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* Move PrometheusAgent API from v1 to v1alpha1

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* pkg/prometheus/agent/statefulset.go: Fix image concatenation

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* Avoid name colisions between Prometheus Agents and Servers

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* agent/createOrUpdateConfigurationSecret: Do not handle case where servicemonitor and podmonitor selectors are empty

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* make format

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* make --always-make format generate

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

* Remove unused fields from Operator struct

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>

* Add deployment mode as new selector label for agent/server ssts

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>

* WIP: Fix OperatorUpgrade e2e test

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>

* Panic if type casting PrometheusInterface doesn't return Prometheus/Agent

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>

* Detect whether PrometheusAgent CRD is installed or not

If the operator's service account has all permissions on the cluster and
the CRD isn't installed then the PrometheusAgent controller will run
but fail because of the absence of the CRD.

Signed-off-by: Simon Pasquier <spasquie@redhat.com>

* Create dedicated governing service for Prometheus agent

Signed-off-by: Simon Pasquier <spasquie@redhat.com>

---------

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
Co-authored-by: Simon Pasquier <spasquie@redhat.com>

2023-03-27 12:30:01 +02:00

455 KiB

Raw Blame History

title

description

draft

images

weight

toc

API reference

Prometheus operator generated API reference docs

false

operator

211

true

This page is automatically generated with gen-crd-api-reference-docs.

Packages:

monitoring.coreos.com/v1
monitoring.coreos.com/v1alpha1
monitoring.coreos.com/v1beta1

monitoring.coreos.com/v1

Resource Types:

Alertmanager
PodMonitor
Probe
Prometheus
PrometheusRule
ServiceMonitor
ThanosRuler

Alertmanager

Alertmanager describes an Alertmanager cluster.

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string Alertmanager

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
AlertmanagerSpec

Specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the alertmanager pods.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘alertmanager’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`version` string	Version the cluster should be on.
`tag` string	Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ‘image’ instead. The image tag can be specified as part of the image URL.
`sha` string	SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ‘image’ instead. The image digest can be specified as part of the image URL.
`baseImage` string	Base image that is used to deploy pods, without tag. Deprecated: use ‘image’ instead
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into `/etc/alertmanager/secrets/<secret-name>` in the ‘alertmanager’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into `/etc/alertmanager/configmaps/<configmap-name>` in the ‘alertmanager’ container.
`configSecret` string	ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to `alertmanager-<alertmanager-name>`. The Alertmanager configuration should be available under the `alertmanager.yaml` key. Additional keys from the original secret are copied to the generated secret and mounted into the `/etc/alertmanager/config` directory in the `alertmanager` container. If either the secret or the `alertmanager.yaml` key is missing, the operator provisions a minimal Alertmanager configuration with one empty receiver (effectively dropping alert notifications).
`logLevel` string	Log level for Alertmanager to be configured with.
`logFormat` string	Log format for Alertmanager to be configured with.
`replicas` int32	Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size.
`retention` GoDuration	Time duration Alertmanager shall retain data for. Default is ‘120h’, and must match the regular expression `[0-9]+(ms\|s\|m\|h)` (milliseconds seconds minutes hours).
`storage` StorageSpec	Storage is the definition of how storage will be used by the Alertmanager instances.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects.
`externalUrl` string	The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name.
`routePrefix` string	The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`paused` bool	If set to true all actions on the underlying managed objects are not goint to be performed, except for delete actions.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`listenLocal` bool	ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `alertmanager` and `config-reloader`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`priorityClassName` string	Priority class assigned to the Pods
`additionalPeers` []string	AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
`clusterAdvertiseAddress` string	ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 1 addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918
`clusterGossipInterval` GoDuration	Interval between gossip attempts.
`clusterPushpullInterval` GoDuration	Interval between pushpull attempts.
`clusterPeerTimeout` GoDuration	Timeout for cluster peering.
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`forceEnableClusterMode` bool	ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
`alertmanagerConfigSelector` Kubernetes meta/v1.LabelSelector	AlertmanagerConfigs to be selected for to merge and configure Alertmanager with.
`alertmanagerConfigMatcherStrategy` AlertmanagerConfigMatcherStrategy	The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects match the alerts. In the future more options may be added.
`alertmanagerConfigNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`web` AlertmanagerWebSpec	Defines the web command line flags when starting Alertmanager.
`alertmanagerConfiguration` AlertmanagerConfiguration	EXPERIMENTAL: alertmanagerConfiguration specifies the configuration of Alertmanager. If defined, it takes precedence over the `configSecret` field. This field may change in future releases.

status
AlertmanagerStatus

Most recent observed status of the Alertmanager cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

PodMonitor

PodMonitor defines monitoring for a set of pods.

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string PodMonitor

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
PodMonitorSpec

Specification of desired Pod selection for target discovery by Prometheus.

`jobLabel` string	The label to use to retrieve the job name from.
`podTargetLabels` []string	PodTargetLabels transfers labels on the Kubernetes Pod onto the target.
`podMetricsEndpoints` []PodMetricsEndpoint	A list of endpoints allowed as part of this PodMonitor.
`selector` Kubernetes meta/v1.LabelSelector	Selector to select Pod objects.
`namespaceSelector` NamespaceSelector	Selector to select which namespaces the Endpoints objects are discovered from.
`sampleLimit` uint64	SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
`targetLimit` uint64	TargetLimit defines a limit on the number of scraped targets that will be accepted.
`labelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`attachMetadata` AttachMetadata	Attaches node metadata to discovered targets. Requires Prometheus v2.35.0 and above.

Probe

Probe defines monitoring for a set of static targets or ingresses.

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string Probe

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
ProbeSpec

Specification of desired Ingress selection for target discovery by Prometheus.

`jobName` string	The job name assigned to scraped metrics by default.
`prober` ProberSpec	Specification for the prober to use for probing targets. The prober.URL parameter is required. Targets cannot be probed if left empty.
`module` string	The module to use for probing specifying how to probe the target. Example module configuring in the blackbox exporter: https://github.com/prometheus/blackbox_exporter/blob/master/example.yml
`targets` ProbeTargets	Targets defines a set of static or dynamically discovered targets to probe.
`interval` Duration	Interval at which targets are probed using the configured prober. If not specified Prometheus’ global scrape interval is used.
`scrapeTimeout` Duration	Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape interval is used.
`tlsConfig` ProbeTLSConfig	TLS configuration to use when scraping the endpoint.
`bearerTokenSecret` Kubernetes core/v1.SecretKeySelector	Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the probe and accessible by the Prometheus Operator.
`basicAuth` BasicAuth	BasicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint
`oauth2` OAuth2	OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
`metricRelabelings` []RelabelConfig	MetricRelabelConfigs to apply to samples before ingestion.
`authorization` SafeAuthorization	Authorization section for this endpoint
`sampleLimit` uint64	SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
`targetLimit` uint64	TargetLimit defines a limit on the number of scraped targets that will be accepted.
`labelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.

Prometheus

Prometheus defines a Prometheus deployment.

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string Prometheus

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
PrometheusSpec

Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
`serviceMonitorSelector` Kubernetes meta/v1.LabelSelector	ServiceMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`serviceMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for ServiceMonitor discovery. If nil, only check own namespace.
`podMonitorSelector` Kubernetes meta/v1.LabelSelector	Experimental PodMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`podMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for PodMonitor discovery. If nil, only check own namespace.
`probeSelector` Kubernetes meta/v1.LabelSelector	Experimental Probes to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`probeNamespaceSelector` Kubernetes meta/v1.LabelSelector	Experimental Namespaces to be selected for Probe discovery. If nil, only check own namespace.
`version` string	Version of Prometheus to be deployed.
`paused` bool	When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`replicas` int32	Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
`shards` int32	EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.
`replicaExternalLabelName` string	Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will not be added when value is set to empty string (`""`).
`prometheusExternalLabelName` string	Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will not be added when value is set to empty string (`""`).
`logLevel` string	Log level for Prometheus to be configured with.
`logFormat` string	Log format for Prometheus to be configured with.
`scrapeInterval` Duration	Interval between consecutive scrapes. Default: `30s`
`scrapeTimeout` Duration	Number of seconds to wait for target to respond before erroring.
`externalLabels` map[string]string	The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
`enableRemoteWriteReceiver` bool	Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.
`enableFeatures` []string	Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
`externalUrl` string	The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
`routePrefix` string	The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
`web` PrometheusWebSpec	Defines the web command line flags when starting Prometheus.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/ in the ‘prometheus’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the ‘prometheus’ container.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`remoteWrite` []RemoteWriteSpec	remoteWrite is the list of remote write configurations.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`listenLocal` bool	ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`additionalScrapeConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.
`apiserverConfig` APIServerConfig	APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
`priorityClassName` string	Priority class assigned to the Pods
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`arbitraryFSAccessThroughSMs` ArbitraryFSAccessThroughSMsConfig	ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
`overrideHonorLabels` bool	When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
`overrideHonorTimestamps` bool	When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies.
`ignoreNamespaceSelectors` bool	IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel If set, a label will be added to all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to alerting & recording rules and the metrics used in their expressions (`expr`). Label name is this field’s value. Label value is the namespace of the created object (mentioned above).
`enforcedSampleLimit` uint64	EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
`enforcedTargetLimit` uint64	EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
`enforcedLabelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedBodySizeLimit` ByteSize	EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
`walCompression` bool	Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
`excludedFromEnforcement` []ObjectReference	List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`hostNetwork` bool	Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
`podTargetLabels` []string	PodTargetLabels are added to all Pod/ServiceMonitors’ podTargetLabels
`baseImage` string	Base image to use for a Prometheus deployment. Deprecated: use ‘image’ instead
`tag` string	Tag of Prometheus container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ‘image’ instead. The image tag can be specified as part of the image URL.
`sha` string	SHA of Prometheus container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ‘image’ instead. The image digest can be specified as part of the image URL.
`retention` Duration	Time duration Prometheus shall retain data for. Default is ‘24h’ if retentionSize is not set, and must match the regular expression `[0-9]+(ms\|s\|m\|h\|d\|w\|y)` (milliseconds seconds minutes hours days weeks years).
`retentionSize` ByteSize	Maximum amount of disk space used by blocks.
`disableCompaction` bool	Disable prometheus compaction.
`rules` Rules	/–rules.*/ command-line arguments.
`prometheusRulesExcludedFromEnforce` []PrometheusRuleExcludeConfig	PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair. Deprecated: use excludedFromEnforcement instead.
`query` QuerySpec	QuerySpec defines the query command line flags when starting Prometheus.
`ruleSelector` Kubernetes meta/v1.LabelSelector	A selector to select which PrometheusRules to mount for loading alerting/recording rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated.
`ruleNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used.
`alerting` AlertingSpec	Define details regarding alerting.
`remoteRead` []RemoteReadSpec	remoteRead is the list of remote read configurations.
`additionalAlertRelabelConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalAlertRelabelConfigs allows specifying a key of a Secret containing additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade.
`additionalAlertManagerConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.
`thanos` ThanosSpec	Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. This section is experimental, it may change significantly without deprecation notice in any release.
`queryLogFile` string	QueryLogFile specifies the file to which PromQL queries are logged. If the filename has an empty path, e.g. ‘query.log’, prometheus-operator will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. /var/log/prometheus/query.log, you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a stdout location such as `/dev/stdout` to log query information to the default Prometheus log stream. This is only available in versions of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
`allowOverlappingBlocks` bool	AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental in Prometheus so it may change in any upcoming release.
`exemplars` Exemplars	Exemplars related settings that are runtime reloadable. It requires to enable the exemplar storage feature to be effective.
`evaluationInterval` Duration	Interval between consecutive evaluations. Default: `30s`
`enableAdminAPI` bool	Enable access to prometheus web admin API. Defaults to the value of `false`. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
`tsdb` TSDBSpec	Defines the runtime reloadable configuration of the timeseries database (TSDB).

status
PrometheusStatus

Most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

PrometheusRule

PrometheusRule defines recording and alerting rules for a Prometheus instance

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string PrometheusRule

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
PrometheusRuleSpec

Specification of desired alerting rule definitions for Prometheus.

groups
[]RuleGroup

Content of Prometheus rule file

ServiceMonitor

ServiceMonitor defines monitoring for a set of services.

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string ServiceMonitor

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
ServiceMonitorSpec

Specification of desired Service selection for target discovery by Prometheus.

`jobLabel` string	JobLabel selects the label from the associated Kubernetes service which will be used as the `job` label for all metrics. For example: If in `ServiceMonitor.spec.jobLabel: foo` and in `Service.metadata.labels.foo: bar`, then the `job="bar"` label is added to all metrics. If the value of this field is empty or if the label doesn’t exist for the given Service, the `job` label of the metrics defaults to the name of the Kubernetes Service.
`targetLabels` []string	TargetLabels transfers labels from the Kubernetes `Service` onto the created metrics.
`podTargetLabels` []string	PodTargetLabels transfers labels on the Kubernetes `Pod` onto the created metrics.
`endpoints` []Endpoint	A list of endpoints allowed as part of this ServiceMonitor.
`selector` Kubernetes meta/v1.LabelSelector	Selector to select Endpoints objects.
`namespaceSelector` NamespaceSelector	Selector to select which namespaces the Kubernetes Endpoints objects are discovered from.
`sampleLimit` uint64	SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
`targetLimit` uint64	TargetLimit defines a limit on the number of scraped targets that will be accepted.
`labelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`attachMetadata` AttachMetadata	Attaches node metadata to discovered targets. Requires Prometheus v2.37.0 and above.

ThanosRuler

ThanosRuler defines a ThanosRuler deployment.

Field Description

apiVersion
string monitoring.coreos.com/v1

kind
string ThanosRuler

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
ThanosRulerSpec

Specification of the desired behavior of the ThanosRuler cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

`version` string	Version of Thanos to be deployed.
`podMetadata` EmbeddedObjectMetadata	PodMetadata contains Labels and Annotations gets propagated to the thanos ruler pods.
`image` string	Thanos container image URL.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘thanos’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`paused` bool	When a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects.
`replicas` int32	Number of thanos ruler instances to deploy.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`resources` Kubernetes core/v1.ResourceRequirements	Resources defines the resource requirements for single Pods. If not provided, no requests/limits will be set
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`priorityClassName` string	Priority class assigned to the Pods
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Thanos Ruler Pods.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`objectStorageConfig` Kubernetes core/v1.SecretKeySelector	ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
`objectStorageConfigFile` string	ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
`listenLocal` bool	ListenLocal makes the Thanos ruler listen on loopback, so that it does not bind against the Pod IP.
`queryEndpoints` []string	QueryEndpoints defines Thanos querier endpoints from which to query metrics. Maps to the –query flag of thanos ruler.
`queryConfig` Kubernetes core/v1.SecretKeySelector	Define configuration for connecting to thanos query instances. If this is defined, the QueryEndpoints field will be ignored. Maps to the `query.config` CLI argument. Only available with thanos v0.11.0 and higher.
`alertmanagersUrl` []string	Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, AlertManagersConfig should be used instead. Note: this field will be ignored if AlertManagersConfig is specified. Maps to the `alertmanagers.url` arg.
`alertmanagersConfig` Kubernetes core/v1.SecretKeySelector	Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` arg.
`ruleSelector` Kubernetes meta/v1.LabelSelector	A label selector to select which PrometheusRules to mount for alerting and recording.
`ruleNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespaces to be selected for Rules discovery. If unspecified, only the same namespace as the ThanosRuler object is in is used.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created.
`excludedFromEnforcement` []ObjectReference	List of references to PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`prometheusRulesExcludedFromEnforce` []PrometheusRuleExcludeConfig	PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair Deprecated: use excludedFromEnforcement instead.
`logLevel` string	Log level for ThanosRuler to be configured with.
`logFormat` string	Log format for ThanosRuler to be configured with.
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`evaluationInterval` Duration	Interval between consecutive evaluations.
`retention` Duration	Time duration ThanosRuler shall retain data for. Default is ‘24h’, and must match the regular expression `[0-9]+(ms\|s\|m\|h\|d\|w\|y)` (milliseconds seconds minutes hours days weeks years).
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `thanos-ruler` and `config-reloader`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`tracingConfig` Kubernetes core/v1.SecretKeySelector	TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
`tracingConfigFile` string	TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence.
`labels` map[string]string	Labels configure the external label pairs to ThanosRuler. A default replica label `thanos_ruler_replica` will be always added as a label with the value of the pod’s name and it will be dropped in the alerts.
`alertDropLabels` []string	AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. The replica label `thanos_ruler_replica` will always be dropped in alerts.
`externalPrefix` string	The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name.
`routePrefix` string	The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path.
`grpcServerTlsConfig` TLSConfig	GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ‘–grpc-server-tls-*’ CLI args.
`alertQueryUrl` string	The external Query URL the Thanos Ruler will set in the ‘Source’ field of all alerts. Maps to the ‘–alert.query-url’ CLI arg.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`alertRelabelConfigs` Kubernetes core/v1.SecretKeySelector	AlertRelabelConfigs configures alert relabeling in ThanosRuler. Alert relabel configurations must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs Alternative to AlertRelabelConfigFile, and lower order priority.
`alertRelabelConfigFile` string	AlertRelabelConfigFile specifies the path of the alert relabeling configuration file. When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the ThanosRuler container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the ThanosRuler container which may cause issues if they are invalid or not supported by the given ThanosRuler version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.

status
ThanosRulerStatus

Most recent observed status of the ThanosRuler cluster. Read-only. Not included when requesting from the apiserver, only from the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

APIServerConfig

(Appears on:CommonPrometheusFields)

APIServerConfig defines a host and auth methods to access apiserver. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config

Field	Description
`host` string	Host of apiserver. A valid string consisting of a hostname or IP followed by an optional port number
`basicAuth` BasicAuth	BasicAuth allow an endpoint to authenticate over basic authentication
`bearerToken` string	Bearer token for accessing apiserver.
`bearerTokenFile` string	File to read bearer token for accessing apiserver.
`tlsConfig` TLSConfig	TLS Config to use for accessing apiserver.
`authorization` Authorization	Authorization section for accessing apiserver

AlertingSpec

(Appears on:PrometheusSpec)

AlertingSpec defines parameters for alerting configuration of Prometheus servers.

Field	Description
`alertmanagers` []AlertmanagerEndpoints	AlertmanagerEndpoints Prometheus should fire alerts against.

AlertmanagerConfigMatcherStrategy

(Appears on:AlertmanagerSpec)

AlertmanagerConfigMatcherStrategy defines the strategy used by AlertmanagerConfig objects to match alerts.

Field	Description
`type` string	If set to `OnNamespace`, the operator injects a label matcher matching the namespace of the AlertmanagerConfig object for all its routes and inhibition rules. `None` will not add any additional matchers other than the ones specified in the AlertmanagerConfig. Default is `OnNamespace`.

AlertmanagerConfiguration

(Appears on:AlertmanagerSpec)

AlertmanagerConfiguration defines the Alertmanager configuration.

Field	Description
`name` string	The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a `namespace` label for routes and inhibition rules.
`global` AlertmanagerGlobalConfig	(Optional) Defines the global parameters of the Alertmanager configuration.
`templates` []SecretOrConfigMap	(Optional) Custom notification templates.

AlertmanagerEndpoints

(Appears on:AlertingSpec)

AlertmanagerEndpoints defines a selection of a single Endpoints object containing alertmanager IPs to fire alerts against.

Field	Description
`namespace` string	Namespace of Endpoints object.
`name` string	Name of Endpoints object in Namespace.
`port` k8s.io/apimachinery/pkg/util/intstr.IntOrString	Port the Alertmanager API is exposed on.
`scheme` string	Scheme to use when firing alerts.
`pathPrefix` string	Prefix for the HTTP path alerts are pushed to.
`tlsConfig` TLSConfig	TLS Config to use for alertmanager connection.
`basicAuth` BasicAuth	BasicAuth allow an endpoint to authenticate over basic authentication
`bearerTokenFile` string	BearerTokenFile to read from filesystem to use when authenticating to Alertmanager.
`authorization` SafeAuthorization	Authorization section for this alertmanager endpoint
`apiVersion` string	Version of the Alertmanager API that Prometheus uses to send alerts. It can be “v1” or “v2”.
`timeout` Duration	Timeout is a per-target Alertmanager timeout when pushing alerts.
`enableHttp2` bool	Whether to enable HTTP2.

AlertmanagerGlobalConfig

(Appears on:AlertmanagerConfiguration)

AlertmanagerGlobalConfig configures parameters that are valid in all other configuration contexts. See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file

Field	Description
`resolveTimeout` Duration	ResolveTimeout is the default value used by alertmanager if the alert does not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. This has no impact on alerts from Prometheus, as they always include EndsAt.
`httpConfig` HTTPConfig	HTTP client configuration.
`slackApiUrl` Kubernetes core/v1.SecretKeySelector	The default Slack API URL.
`opsGenieApiUrl` Kubernetes core/v1.SecretKeySelector	The default OpsGenie API URL.
`opsGenieApiKey` Kubernetes core/v1.SecretKeySelector	The default OpsGenie API Key.

AlertmanagerSpec

(Appears on:Alertmanager)

AlertmanagerSpec is a specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the alertmanager pods.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘alertmanager’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`version` string	Version the cluster should be on.
`tag` string	Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ‘image’ instead. The image tag can be specified as part of the image URL.
`sha` string	SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ‘image’ instead. The image digest can be specified as part of the image URL.
`baseImage` string	Base image that is used to deploy pods, without tag. Deprecated: use ‘image’ instead
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into `/etc/alertmanager/secrets/<secret-name>` in the ‘alertmanager’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into `/etc/alertmanager/configmaps/<configmap-name>` in the ‘alertmanager’ container.
`configSecret` string	ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to `alertmanager-<alertmanager-name>`. The Alertmanager configuration should be available under the `alertmanager.yaml` key. Additional keys from the original secret are copied to the generated secret and mounted into the `/etc/alertmanager/config` directory in the `alertmanager` container. If either the secret or the `alertmanager.yaml` key is missing, the operator provisions a minimal Alertmanager configuration with one empty receiver (effectively dropping alert notifications).
`logLevel` string	Log level for Alertmanager to be configured with.
`logFormat` string	Log format for Alertmanager to be configured with.
`replicas` int32	Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size.
`retention` GoDuration	Time duration Alertmanager shall retain data for. Default is ‘120h’, and must match the regular expression `[0-9]+(ms\|s\|m\|h)` (milliseconds seconds minutes hours).
`storage` StorageSpec	Storage is the definition of how storage will be used by the Alertmanager instances.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects.
`externalUrl` string	The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name.
`routePrefix` string	The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`paused` bool	If set to true all actions on the underlying managed objects are not goint to be performed, except for delete actions.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`listenLocal` bool	ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `alertmanager` and `config-reloader`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`priorityClassName` string	Priority class assigned to the Pods
`additionalPeers` []string	AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
`clusterAdvertiseAddress` string	ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 1 addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918
`clusterGossipInterval` GoDuration	Interval between gossip attempts.
`clusterPushpullInterval` GoDuration	Interval between pushpull attempts.
`clusterPeerTimeout` GoDuration	Timeout for cluster peering.
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`forceEnableClusterMode` bool	ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
`alertmanagerConfigSelector` Kubernetes meta/v1.LabelSelector	AlertmanagerConfigs to be selected for to merge and configure Alertmanager with.
`alertmanagerConfigMatcherStrategy` AlertmanagerConfigMatcherStrategy	The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects match the alerts. In the future more options may be added.
`alertmanagerConfigNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`web` AlertmanagerWebSpec	Defines the web command line flags when starting Alertmanager.
`alertmanagerConfiguration` AlertmanagerConfiguration	EXPERIMENTAL: alertmanagerConfiguration specifies the configuration of Alertmanager. If defined, it takes precedence over the `configSecret` field. This field may change in future releases.

AlertmanagerStatus

(Appears on:Alertmanager)

AlertmanagerStatus is the most recent observed status of the Alertmanager cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`paused` bool	Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed.
`replicas` int32	Total number of non-terminated pods targeted by this Alertmanager object (their labels match the selector).
`updatedReplicas` int32	Total number of non-terminated pods targeted by this Alertmanager object that have the desired version spec.
`availableReplicas` int32	Total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster.
`unavailableReplicas` int32	Total number of unavailable pods targeted by this Alertmanager object.
`conditions` []Condition	(Optional) The current state of the Alertmanager object.

AlertmanagerWebSpec

(Appears on:AlertmanagerSpec)

AlertmanagerWebSpec defines the web command line flags when starting Alertmanager.

Field	Description
`tlsConfig` WebTLSConfig	Defines the TLS parameters for HTTPS.
`httpConfig` WebHTTPConfig	Defines HTTP parameters for web server.

ArbitraryFSAccessThroughSMsConfig

(Appears on:CommonPrometheusFields)

ArbitraryFSAccessThroughSMsConfig enables users to configure, whether a service monitor selected by the Prometheus instance is allowed to use arbitrary files on the file system of the Prometheus container. This is the case when e.g. a service monitor specifies a BearerTokenFile in an endpoint. A malicious user could create a service monitor selecting arbitrary secret files in the Prometheus container. Those secrets would then be sent with a scrape request by Prometheus to a malicious target. Denying the above would prevent the attack, users can instead use the BearerTokenSecret field.

Field	Description
`deny` bool

Argument

(Appears on:CommonPrometheusFields, ThanosRulerSpec, ThanosSpec)

Argument as part of the AdditionalArgs list.

Field	Description
`name` string	Name of the argument, e.g. “scrape.discovery-reload-interval”.
`value` string	Argument value, e.g. 30s. Can be empty for name-only arguments (e.g. –storage.tsdb.no-lockfile)

AttachMetadata

(Appears on:PodMonitorSpec, ServiceMonitorSpec)

Field	Description
`node` bool	When set to true, Prometheus must have permissions to get Nodes.

Authorization

(Appears on:APIServerConfig, RemoteReadSpec, RemoteWriteSpec)

Authorization contains optional Authorization header configuration. This section is only understood by versions of Prometheus >= 2.26.0.

Field	Description
`type` string	Set the authentication type. Defaults to Bearer, Basic will cause an error
`credentials` Kubernetes core/v1.SecretKeySelector	The secret’s key that contains the credentials of the request
`credentialsFile` string	File to read a secret from, mutually exclusive with Credentials (from SafeAuthorization)

AuthorizationValidationError

AuthorizationValidationError is returned by Authorization.Validate() on semantically invalid configurations.

Field	Description
`err` string

BasicAuth

(Appears on:APIServerConfig, AlertmanagerEndpoints, Endpoint, HTTPConfig, PodMetricsEndpoint, ProbeSpec, RemoteReadSpec, RemoteWriteSpec, HTTPConfig, HTTPConfig)

BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints

Field	Description
`username` Kubernetes core/v1.SecretKeySelector	The secret in the service monitor namespace that contains the username for authentication.
`password` Kubernetes core/v1.SecretKeySelector	The secret in the service monitor namespace that contains the password for authentication.

ByteSize (`string` alias)

(Appears on:CommonPrometheusFields, PrometheusSpec)

ByteSize is a valid memory size type based on powers-of-2, so 1KB is 1024B. Supported units: B, KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB Ex: 512MB.

CommonPrometheusFields

(Appears on:PrometheusSpec, PrometheusAgentSpec)

CommonPrometheusFields are the options available to both the Prometheus server and agent.

Field	Description
`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
`serviceMonitorSelector` Kubernetes meta/v1.LabelSelector	ServiceMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`serviceMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for ServiceMonitor discovery. If nil, only check own namespace.
`podMonitorSelector` Kubernetes meta/v1.LabelSelector	Experimental PodMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`podMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for PodMonitor discovery. If nil, only check own namespace.
`probeSelector` Kubernetes meta/v1.LabelSelector	Experimental Probes to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`probeNamespaceSelector` Kubernetes meta/v1.LabelSelector	Experimental Namespaces to be selected for Probe discovery. If nil, only check own namespace.
`version` string	Version of Prometheus to be deployed.
`paused` bool	When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`replicas` int32	Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
`shards` int32	EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.
`replicaExternalLabelName` string	Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will not be added when value is set to empty string (`""`).
`prometheusExternalLabelName` string	Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will not be added when value is set to empty string (`""`).
`logLevel` string	Log level for Prometheus to be configured with.
`logFormat` string	Log format for Prometheus to be configured with.
`scrapeInterval` Duration	Interval between consecutive scrapes. Default: `30s`
`scrapeTimeout` Duration	Number of seconds to wait for target to respond before erroring.
`externalLabels` map[string]string	The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
`enableRemoteWriteReceiver` bool	Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.
`enableFeatures` []string	Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
`externalUrl` string	The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
`routePrefix` string	The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
`web` PrometheusWebSpec	Defines the web command line flags when starting Prometheus.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/ in the ‘prometheus’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the ‘prometheus’ container.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`remoteWrite` []RemoteWriteSpec	remoteWrite is the list of remote write configurations.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`listenLocal` bool	ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`additionalScrapeConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.
`apiserverConfig` APIServerConfig	APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
`priorityClassName` string	Priority class assigned to the Pods
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`arbitraryFSAccessThroughSMs` ArbitraryFSAccessThroughSMsConfig	ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
`overrideHonorLabels` bool	When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
`overrideHonorTimestamps` bool	When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies.
`ignoreNamespaceSelectors` bool	IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel If set, a label will be added to all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to alerting & recording rules and the metrics used in their expressions (`expr`). Label name is this field’s value. Label value is the namespace of the created object (mentioned above).
`enforcedSampleLimit` uint64	EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
`enforcedTargetLimit` uint64	EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
`enforcedLabelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedBodySizeLimit` ByteSize	EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
`walCompression` bool	Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
`excludedFromEnforcement` []ObjectReference	List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`hostNetwork` bool	Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
`podTargetLabels` []string	PodTargetLabels are added to all Pod/ServiceMonitors’ podTargetLabels

Condition

(Appears on:AlertmanagerStatus, PrometheusStatus)

Condition represents the state of the resources associated with the Prometheus or Alertmanager resource.

Field	Description
`type` ConditionType	Type of the condition being reported.
`status` ConditionStatus	Status of the condition.
`lastTransitionTime` Kubernetes meta/v1.Time	lastTransitionTime is the time of the last update to the current status property.
`reason` string	(Optional) Reason for the condition’s last transition.
`message` string	(Optional) Human-readable message indicating details for the condition’s last transition.
`observedGeneration` int64	ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the instance.

ConditionStatus (`string` alias)

(Appears on:Condition)

Value	Description
"Degraded"
"False"
"True"
"Unknown"

ConditionType (`string` alias)

(Appears on:Condition)

Value	Description
"Available"	Available indicates whether enough pods are ready to provide the service. The possible status values for this condition type are: - True: all pods are running and ready, the service is fully available. - Degraded: some pods aren’t ready, the service is partially available. - False: no pods are running, the service is totally unavailable. - Unknown: the operator couldn’t determine the condition status.
"Reconciled"	Reconciled indicates whether the operator has reconciled the state of the underlying resources with the object’s spec. The possible status values for this condition type are: - True: the reconciliation was successful. - False: the reconciliation failed. - Unknown: the operator couldn’t determine the condition status.

Value

Description

"Available"

Available indicates whether enough pods are ready to provide the service. The possible status values for this condition type are: - True: all pods are running and ready, the service is fully available. - Degraded: some pods aren’t ready, the service is partially available. - False: no pods are running, the service is totally unavailable. - Unknown: the operator couldn’t determine the condition status.

"Reconciled"

Reconciled indicates whether the operator has reconciled the state of the underlying resources with the object’s spec. The possible status values for this condition type are: - True: the reconciliation was successful. - False: the reconciliation failed. - Unknown: the operator couldn’t determine the condition status.

Duration (`string` alias)

(Appears on:AlertmanagerEndpoints, AlertmanagerGlobalConfig, CommonPrometheusFields, Endpoint, MetadataConfig, PodMetricsEndpoint, ProbeSpec, PrometheusSpec, QuerySpec, RemoteReadSpec, RemoteWriteSpec, Rule, RuleGroup, TSDBSpec, ThanosRulerSpec, ThanosSpec)

Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function. Supported units: y, w, d, h, m, s, ms Examples: 30s, 1m, 1h20m15s, 15d

EmbeddedObjectMetadata

(Appears on:AlertmanagerSpec, CommonPrometheusFields, EmbeddedPersistentVolumeClaim, ThanosRulerSpec)

EmbeddedObjectMetadata contains a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta Only fields which are relevant to embedded resources are included.

Field	Description
`name` string	(Optional) Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
`labels` map[string]string	(Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
`annotations` map[string]string	(Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

EmbeddedPersistentVolumeClaim

(Appears on:StorageSpec)

EmbeddedPersistentVolumeClaim is an embedded version of k8s.io/api/core/v1.PersistentVolumeClaim. It contains TypeMeta and a reduced ObjectMeta.

Field Description

metadata
EmbeddedObjectMetadata

EmbeddedMetadata contains metadata relevant to an EmbeddedResource.

spec
Kubernetes core/v1.PersistentVolumeClaimSpec

(Optional)

Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

`accessModes` []Kubernetes core/v1.PersistentVolumeAccessMode	(Optional) accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
`selector` Kubernetes meta/v1.LabelSelector	(Optional) selector is a label query over volumes to consider for binding.
`resources` Kubernetes core/v1.ResourceRequirements	(Optional) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
`volumeName` string	(Optional) volumeName is the binding reference to the PersistentVolume backing this claim.
`storageClassName` string	(Optional) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
`volumeMode` Kubernetes core/v1.PersistentVolumeMode	(Optional) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
`dataSource` Kubernetes core/v1.TypedLocalObjectReference	(Optional) dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.
`dataSourceRef` Kubernetes core/v1.TypedObjectReference	(Optional) dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

status
Kubernetes core/v1.PersistentVolumeClaimStatus

(Optional)

Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Endpoint

(Appears on:ServiceMonitorSpec)

Endpoint defines a scrapeable endpoint serving Prometheus metrics.

Field	Description
`port` string	Name of the service port this endpoint refers to. Mutually exclusive with targetPort.
`targetPort` k8s.io/apimachinery/pkg/util/intstr.IntOrString	Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port.
`path` string	HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`).
`scheme` string	HTTP scheme to use for scraping.
`params` map[string][]string	Optional HTTP URL parameters
`interval` Duration	Interval at which metrics should be scraped If not specified Prometheus’ global scrape interval is used.
`scrapeTimeout` Duration	Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used.
`tlsConfig` TLSConfig	TLS configuration to use when scraping the endpoint
`bearerTokenFile` string	File to read bearer token for scraping targets.
`bearerTokenSecret` Kubernetes core/v1.SecretKeySelector	Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator.
`authorization` SafeAuthorization	Authorization section for this endpoint
`honorLabels` bool	HonorLabels chooses the metric’s labels on collisions with target labels.
`honorTimestamps` bool	HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
`basicAuth` BasicAuth	BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints
`oauth2` OAuth2	OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
`metricRelabelings` []RelabelConfig	MetricRelabelConfigs to apply to samples before ingestion.
`relabelings` []RelabelConfig	RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job’s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
`proxyUrl` string	ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint.
`followRedirects` bool	FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
`enableHttp2` bool	Whether to enable HTTP2.
`filterRunning` bool	Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase

Exemplars

(Appears on:PrometheusSpec)

Field	Description
`maxSize` int64	Maximum number of exemplars stored in memory for all series. If not set, Prometheus uses its default value. A value of zero or less than zero disables the storage.

GoDuration (`string` alias)

(Appears on:AlertmanagerSpec)

GoDuration is a valid time duration that can be parsed by Go’s time.ParseDuration() function. Supported units: h, m, s, ms Examples: 45ms, 30s, 1m, 1h20m15s

HTTPConfig

(Appears on:AlertmanagerGlobalConfig)

HTTPConfig defines a client HTTP configuration. See https://prometheus.io/docs/alerting/latest/configuration/#http_config

Field	Description
`authorization` SafeAuthorization	(Optional) Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
`basicAuth` BasicAuth	(Optional) BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
`oauth2` OAuth2	(Optional) OAuth2 client credentials used to fetch a token for the targets.
`bearerTokenSecret` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the Alertmanager object and accessible by the Prometheus Operator.
`tlsConfig` SafeTLSConfig	(Optional) TLS configuration for the client.
`proxyURL` string	(Optional) Optional proxy URL.
`followRedirects` bool	(Optional) FollowRedirects specifies whether the client should follow HTTP 3xx redirects.

HostAlias

(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec)

HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.

Field	Description
`ip` string	IP address of the host file entry.
`hostnames` []string	Hostnames for the above IP address.

LabelName (`string` alias)

(Appears on:RelabelConfig)

LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.

MetadataConfig

(Appears on:RemoteWriteSpec)

MetadataConfig configures the sending of series metadata to the remote storage.

Field	Description
`send` bool	Whether metric metadata is sent to the remote storage or not.
`sendInterval` Duration	How frequently metric metadata is sent to the remote storage.

NamespaceSelector

(Appears on:PodMonitorSpec, ProbeTargetIngress, ServiceMonitorSpec)

NamespaceSelector is a selector for selecting either all namespaces or a list of namespaces. If any is true, it takes precedence over matchNames. If matchNames is empty and any is false, it means that the objects are selected from the current namespace.

Field	Description
`any` bool	Boolean describing whether all namespaces are selected in contrast to a list restricting them.
`matchNames` []string	List of namespace names to select from.

OAuth2

(Appears on:Endpoint, HTTPConfig, PodMetricsEndpoint, ProbeSpec, RemoteReadSpec, RemoteWriteSpec, HTTPConfig, HTTPConfig)

OAuth2 allows an endpoint to authenticate with OAuth2. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#oauth2

Field	Description
`clientId` SecretOrConfigMap	The secret or configmap containing the OAuth2 client id
`clientSecret` Kubernetes core/v1.SecretKeySelector	The secret containing the OAuth2 client secret
`tokenUrl` string	The URL to fetch the token from
`scopes` []string	OAuth2 scopes used for the token request
`endpointParams` map[string]string	Parameters to append to the token URL

OAuth2ValidationError

Field	Description
`err` string

ObjectReference

(Appears on:CommonPrometheusFields, ThanosRulerSpec)

ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object.

Field	Description
`group` string	(Optional) Group of the referent. When not specified, it defaults to `monitoring.coreos.com`
`resource` string	Resource of the referent.
`namespace` string	Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`name` string	(Optional) Name of the referent. When not set, all resources are matched.

PodMetricsEndpoint

(Appears on:PodMonitorSpec)

PodMetricsEndpoint defines a scrapeable endpoint of a Kubernetes Pod serving Prometheus metrics.

Field	Description
`port` string	Name of the pod port this endpoint refers to. Mutually exclusive with targetPort.
`targetPort` k8s.io/apimachinery/pkg/util/intstr.IntOrString	Deprecated: Use ‘port’ instead.
`path` string	HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`).
`scheme` string	HTTP scheme to use for scraping.
`params` map[string][]string	Optional HTTP URL parameters
`interval` Duration	Interval at which metrics should be scraped If not specified Prometheus’ global scrape interval is used.
`scrapeTimeout` Duration	Timeout after which the scrape is ended If not specified, the Prometheus global scrape interval is used.
`tlsConfig` PodMetricsEndpointTLSConfig	TLS configuration to use when scraping the endpoint.
`bearerTokenSecret` Kubernetes core/v1.SecretKeySelector	Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
`honorLabels` bool	HonorLabels chooses the metric’s labels on collisions with target labels.
`honorTimestamps` bool	HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
`basicAuth` BasicAuth	BasicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint
`oauth2` OAuth2	OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
`authorization` SafeAuthorization	Authorization section for this endpoint
`metricRelabelings` []RelabelConfig	MetricRelabelConfigs to apply to samples before ingestion.
`relabelings` []RelabelConfig	RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job’s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
`proxyUrl` string	ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint.
`followRedirects` bool	FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
`enableHttp2` bool	Whether to enable HTTP2.
`filterRunning` bool	Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase

PodMetricsEndpointTLSConfig

(Appears on:PodMetricsEndpoint)

PodMetricsEndpointTLSConfig specifies TLS configuration parameters.

Field	Description
`ca` SecretOrConfigMap	Certificate authority used when verifying server certificates.
`cert` SecretOrConfigMap	Client certificate to present when doing client-authentication.
`keySecret` Kubernetes core/v1.SecretKeySelector	Secret containing the client key file for the targets.
`serverName` string	Used to verify the hostname for the targets.
`insecureSkipVerify` bool	Disable target certificate validation.

PodMonitorSpec

(Appears on:PodMonitor)

PodMonitorSpec contains specification parameters for a PodMonitor.

Field	Description
`jobLabel` string	The label to use to retrieve the job name from.
`podTargetLabels` []string	PodTargetLabels transfers labels on the Kubernetes Pod onto the target.
`podMetricsEndpoints` []PodMetricsEndpoint	A list of endpoints allowed as part of this PodMonitor.
`selector` Kubernetes meta/v1.LabelSelector	Selector to select Pod objects.
`namespaceSelector` NamespaceSelector	Selector to select which namespaces the Endpoints objects are discovered from.
`sampleLimit` uint64	SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
`targetLimit` uint64	TargetLimit defines a limit on the number of scraped targets that will be accepted.
`labelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`attachMetadata` AttachMetadata	Attaches node metadata to discovered targets. Requires Prometheus v2.35.0 and above.

ProbeSpec

(Appears on:Probe)

ProbeSpec contains specification parameters for a Probe.

Field	Description
`jobName` string	The job name assigned to scraped metrics by default.
`prober` ProberSpec	Specification for the prober to use for probing targets. The prober.URL parameter is required. Targets cannot be probed if left empty.
`module` string	The module to use for probing specifying how to probe the target. Example module configuring in the blackbox exporter: https://github.com/prometheus/blackbox_exporter/blob/master/example.yml
`targets` ProbeTargets	Targets defines a set of static or dynamically discovered targets to probe.
`interval` Duration	Interval at which targets are probed using the configured prober. If not specified Prometheus’ global scrape interval is used.
`scrapeTimeout` Duration	Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape interval is used.
`tlsConfig` ProbeTLSConfig	TLS configuration to use when scraping the endpoint.
`bearerTokenSecret` Kubernetes core/v1.SecretKeySelector	Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the probe and accessible by the Prometheus Operator.
`basicAuth` BasicAuth	BasicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint
`oauth2` OAuth2	OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
`metricRelabelings` []RelabelConfig	MetricRelabelConfigs to apply to samples before ingestion.
`authorization` SafeAuthorization	Authorization section for this endpoint
`sampleLimit` uint64	SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
`targetLimit` uint64	TargetLimit defines a limit on the number of scraped targets that will be accepted.
`labelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.

ProbeTLSConfig

(Appears on:ProbeSpec)

ProbeTLSConfig specifies TLS configuration parameters for the prober.

Field	Description
`ca` SecretOrConfigMap	Certificate authority used when verifying server certificates.
`cert` SecretOrConfigMap	Client certificate to present when doing client-authentication.
`keySecret` Kubernetes core/v1.SecretKeySelector	Secret containing the client key file for the targets.
`serverName` string	Used to verify the hostname for the targets.
`insecureSkipVerify` bool	Disable target certificate validation.

ProbeTargetIngress

(Appears on:ProbeTargets)

ProbeTargetIngress defines the set of Ingress objects considered for probing. The operator configures a target for each host/path combination of each ingress object.

Field	Description
`selector` Kubernetes meta/v1.LabelSelector	Selector to select the Ingress objects.
`namespaceSelector` NamespaceSelector	From which namespaces to select Ingress objects.
`relabelingConfigs` []RelabelConfig	RelabelConfigs to apply to the label set of the target before it gets scraped. The original ingress address is available via the `__tmp_prometheus_ingress_address` label. It can be used to customize the probed URL. The original scrape job’s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config

ProbeTargetStaticConfig

(Appears on:ProbeTargets)

ProbeTargetStaticConfig defines the set of static targets considered for probing.

Field	Description
`static` []string	The list of hosts to probe.
`labels` map[string]string	Labels assigned to all metrics scraped from the targets.
`relabelingConfigs` []RelabelConfig	RelabelConfigs to apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config

ProbeTargets

(Appears on:ProbeSpec)

ProbeTargets defines how to discover the probed targets. One of the staticConfig or ingress must be defined. If both are defined, staticConfig takes precedence.

Field	Description
`staticConfig` ProbeTargetStaticConfig	staticConfig defines the static list of targets to probe and the relabeling configuration. If `ingress` is also defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.
`ingress` ProbeTargetIngress	ingress defines the Ingress objects to probe and the relabeling configuration. If `staticConfig` is also defined, `staticConfig` takes precedence.

ProbeTargetsValidationError

ProbeTargetsValidationError is returned by ProbeTargets.Validate() on semantically invalid configurations.

Field	Description
`err` string

ProberSpec

(Appears on:ProbeSpec)

ProberSpec contains specification parameters for the Prober used for probing.

Field	Description
`url` string	Mandatory URL of the prober.
`scheme` string	HTTP scheme to use for scraping. Defaults to `http`.
`path` string	Path to collect metrics from. Defaults to `/probe`.
`proxyUrl` string	Optional ProxyURL.

PrometheusRuleExcludeConfig

(Appears on:PrometheusSpec, ThanosRulerSpec)

PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.

Field	Description
`ruleNamespace` string	RuleNamespace - namespace of excluded rule
`ruleName` string	RuleNamespace - name of excluded rule

PrometheusRuleSpec

(Appears on:PrometheusRule)

PrometheusRuleSpec contains specification parameters for a Rule.

Field	Description
`groups` []RuleGroup	Content of Prometheus rule file

PrometheusSpec

(Appears on:Prometheus)

PrometheusSpec is a specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
`serviceMonitorSelector` Kubernetes meta/v1.LabelSelector	ServiceMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`serviceMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for ServiceMonitor discovery. If nil, only check own namespace.
`podMonitorSelector` Kubernetes meta/v1.LabelSelector	Experimental PodMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`podMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for PodMonitor discovery. If nil, only check own namespace.
`probeSelector` Kubernetes meta/v1.LabelSelector	Experimental Probes to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`probeNamespaceSelector` Kubernetes meta/v1.LabelSelector	Experimental Namespaces to be selected for Probe discovery. If nil, only check own namespace.
`version` string	Version of Prometheus to be deployed.
`paused` bool	When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`replicas` int32	Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
`shards` int32	EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.
`replicaExternalLabelName` string	Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will not be added when value is set to empty string (`""`).
`prometheusExternalLabelName` string	Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will not be added when value is set to empty string (`""`).
`logLevel` string	Log level for Prometheus to be configured with.
`logFormat` string	Log format for Prometheus to be configured with.
`scrapeInterval` Duration	Interval between consecutive scrapes. Default: `30s`
`scrapeTimeout` Duration	Number of seconds to wait for target to respond before erroring.
`externalLabels` map[string]string	The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
`enableRemoteWriteReceiver` bool	Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.
`enableFeatures` []string	Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
`externalUrl` string	The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
`routePrefix` string	The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
`web` PrometheusWebSpec	Defines the web command line flags when starting Prometheus.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/ in the ‘prometheus’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the ‘prometheus’ container.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`remoteWrite` []RemoteWriteSpec	remoteWrite is the list of remote write configurations.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`listenLocal` bool	ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`additionalScrapeConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.
`apiserverConfig` APIServerConfig	APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
`priorityClassName` string	Priority class assigned to the Pods
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`arbitraryFSAccessThroughSMs` ArbitraryFSAccessThroughSMsConfig	ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
`overrideHonorLabels` bool	When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
`overrideHonorTimestamps` bool	When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies.
`ignoreNamespaceSelectors` bool	IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel If set, a label will be added to all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to alerting & recording rules and the metrics used in their expressions (`expr`). Label name is this field’s value. Label value is the namespace of the created object (mentioned above).
`enforcedSampleLimit` uint64	EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
`enforcedTargetLimit` uint64	EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
`enforcedLabelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedBodySizeLimit` ByteSize	EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
`walCompression` bool	Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
`excludedFromEnforcement` []ObjectReference	List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`hostNetwork` bool	Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
`podTargetLabels` []string	PodTargetLabels are added to all Pod/ServiceMonitors’ podTargetLabels
`baseImage` string	Base image to use for a Prometheus deployment. Deprecated: use ‘image’ instead
`tag` string	Tag of Prometheus container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ‘image’ instead. The image tag can be specified as part of the image URL.
`sha` string	SHA of Prometheus container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ‘image’ instead. The image digest can be specified as part of the image URL.
`retention` Duration	Time duration Prometheus shall retain data for. Default is ‘24h’ if retentionSize is not set, and must match the regular expression `[0-9]+(ms\|s\|m\|h\|d\|w\|y)` (milliseconds seconds minutes hours days weeks years).
`retentionSize` ByteSize	Maximum amount of disk space used by blocks.
`disableCompaction` bool	Disable prometheus compaction.
`rules` Rules	/–rules.*/ command-line arguments.
`prometheusRulesExcludedFromEnforce` []PrometheusRuleExcludeConfig	PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair. Deprecated: use excludedFromEnforcement instead.
`query` QuerySpec	QuerySpec defines the query command line flags when starting Prometheus.
`ruleSelector` Kubernetes meta/v1.LabelSelector	A selector to select which PrometheusRules to mount for loading alerting/recording rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated.
`ruleNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used.
`alerting` AlertingSpec	Define details regarding alerting.
`remoteRead` []RemoteReadSpec	remoteRead is the list of remote read configurations.
`additionalAlertRelabelConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalAlertRelabelConfigs allows specifying a key of a Secret containing additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade.
`additionalAlertManagerConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.
`thanos` ThanosSpec	Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. This section is experimental, it may change significantly without deprecation notice in any release.
`queryLogFile` string	QueryLogFile specifies the file to which PromQL queries are logged. If the filename has an empty path, e.g. ‘query.log’, prometheus-operator will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. /var/log/prometheus/query.log, you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a stdout location such as `/dev/stdout` to log query information to the default Prometheus log stream. This is only available in versions of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
`allowOverlappingBlocks` bool	AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental in Prometheus so it may change in any upcoming release.
`exemplars` Exemplars	Exemplars related settings that are runtime reloadable. It requires to enable the exemplar storage feature to be effective.
`evaluationInterval` Duration	Interval between consecutive evaluations. Default: `30s`
`enableAdminAPI` bool	Enable access to prometheus web admin API. Defaults to the value of `false`. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
`tsdb` TSDBSpec	Defines the runtime reloadable configuration of the timeseries database (TSDB).

PrometheusStatus

(Appears on:Prometheus, PrometheusAgent)

PrometheusStatus is the most recent observed status of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`paused` bool	Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed.
`replicas` int32	Total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector).
`updatedReplicas` int32	Total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec.
`availableReplicas` int32	Total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment.
`unavailableReplicas` int32	Total number of unavailable pods targeted by this Prometheus deployment.
`conditions` []Condition	(Optional) The current state of the Prometheus deployment.
`shardStatuses` []ShardStatus	(Optional) The list has one entry per shard. Each entry provides a summary of the shard status.

PrometheusWebSpec

(Appears on:CommonPrometheusFields)

PrometheusWebSpec defines the web command line flags when starting Prometheus.

Field	Description
`tlsConfig` WebTLSConfig	Defines the TLS parameters for HTTPS.
`httpConfig` WebHTTPConfig	Defines HTTP parameters for web server.
`pageTitle` string	The prometheus web page title
`maxConnections` int32	Defines the maximum number of simultaneous connections A zero value means that Prometheus doesn’t accept any incoming connection.

QuerySpec

(Appears on:PrometheusSpec)

QuerySpec defines the query command line flags when starting Prometheus.

Field	Description
`lookbackDelta` string	The delta difference allowed for retrieving metrics during expression evaluations.
`maxConcurrency` int32	Number of concurrent queries that can be run at once.
`maxSamples` int32	Maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return.
`timeout` Duration	Maximum time a query may take before being aborted.

QueueConfig

(Appears on:RemoteWriteSpec)

QueueConfig allows the tuning of remote write’s queue_config parameters. This object is referenced in the RemoteWriteSpec object.

Field	Description
`capacity` int	Capacity is the number of samples to buffer per shard before we start dropping them.
`minShards` int	MinShards is the minimum number of shards, i.e. amount of concurrency.
`maxShards` int	MaxShards is the maximum number of shards, i.e. amount of concurrency.
`maxSamplesPerSend` int	MaxSamplesPerSend is the maximum number of samples per send.
`batchSendDeadline` string	BatchSendDeadline is the maximum time a sample will wait in buffer.
`maxRetries` int	MaxRetries is the maximum number of times to retry a batch on recoverable errors.
`minBackoff` string	MinBackoff is the initial retry delay. Gets doubled for every retry.
`maxBackoff` string	MaxBackoff is the maximum retry delay.
`retryOnRateLimit` bool	Retry upon receiving a 429 status code from the remote-write storage. This is experimental feature and might change in the future.

RelabelConfig

(Appears on:Endpoint, PodMetricsEndpoint, ProbeSpec, ProbeTargetIngress, ProbeTargetStaticConfig, RemoteWriteSpec)

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Field	Description
`sourceLabels` []LabelName	The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
`separator` string	Separator placed between concatenated source label values. default is ‘;’.
`targetLabel` string	Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
`regex` string	Regular expression against which the extracted value is matched. Default is ‘(.*)’
`modulus` uint64	Modulus to take of the hash of the source label values.
`replacement` string	Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is ‘$1’
`action` string	Action to perform based on regex matching. Default is ‘replace’. uppercase and lowercase actions require Prometheus >= 2.36.

RemoteReadSpec

(Appears on:PrometheusSpec)

RemoteReadSpec defines the configuration for Prometheus to read back samples from a remote endpoint.

Field	Description
`url` string	The URL of the endpoint to query from.
`name` string	The name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. Only valid in Prometheus versions 2.15.0 and newer.
`requiredMatchers` map[string]string	An optional list of equality matchers which have to be present in a selector to query the remote read endpoint.
`remoteTimeout` Duration	Timeout for requests to the remote read endpoint.
`headers` map[string]string	Custom HTTP headers to be sent along with each remote read request. Be aware that headers that are set by Prometheus itself can’t be overwritten. Only valid in Prometheus versions 2.26.0 and newer.
`readRecent` bool	Whether reads should be made for queries for time ranges that the local storage should have complete data for.
`basicAuth` BasicAuth	BasicAuth for the URL.
`oauth2` OAuth2	OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
`bearerToken` string	Bearer token for remote read.
`bearerTokenFile` string	File to read bearer token for remote read.
`authorization` Authorization	Authorization section for remote read
`tlsConfig` TLSConfig	TLS Config to use for remote read.
`proxyUrl` string	Optional ProxyURL.
`filterExternalLabels` bool	Whether to use the external labels as selectors for the remote read endpoint. Requires Prometheus v2.34.0 and above.

RemoteWriteSpec

(Appears on:CommonPrometheusFields)

RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.

Field	Description
`url` string	The URL of the endpoint to send samples to.
`name` string	The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer.
`sendExemplars` bool	Enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the enableFeature option for exemplars to be scraped in the first place. Only valid in Prometheus versions 2.27.0 and newer.
`remoteTimeout` Duration	Timeout for requests to the remote write endpoint.
`headers` map[string]string	Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can’t be overwritten. Only valid in Prometheus versions 2.25.0 and newer.
`writeRelabelConfigs` []RelabelConfig	The list of remote write relabel configurations.
`oauth2` OAuth2	OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
`basicAuth` BasicAuth	BasicAuth for the URL.
`bearerToken` string	Bearer token for remote write.
`bearerTokenFile` string	File to read bearer token for remote write.
`authorization` Authorization	Authorization section for remote write
`sigv4` Sigv4	Sigv4 allows to configures AWS’s Signature Verification 4
`tlsConfig` TLSConfig	TLS Config to use for remote write.
`proxyUrl` string	Optional ProxyURL.
`queueConfig` QueueConfig	QueueConfig allows tuning of the remote write queue parameters.
`metadataConfig` MetadataConfig	MetadataConfig configures the sending of series metadata to the remote storage.

Rule

(Appears on:RuleGroup)

Rule describes an alerting or recording rule See Prometheus documentation: alerting or recording rule

Field	Description
`record` string	Name of the time series to output to. Must be a valid metric name. Only one of `record` and `alert` must be set.
`alert` string	Name of the alert. Must be a valid label value. Only one of `record` and `alert` must be set.
`expr` k8s.io/apimachinery/pkg/util/intstr.IntOrString	PromQL expression to evaluate.
`for` Duration	Alerts are considered firing once they have been returned for this long.
`labels` map[string]string	Labels to add or overwrite.
`annotations` map[string]string	Annotations to add to each alert. Only valid for alerting rules.

RuleGroup

(Appears on:PrometheusRuleSpec)

RuleGroup is a list of sequentially evaluated recording and alerting rules.

Field	Description
`name` string	Name of the rule group.
`interval` Duration	Interval determines how often rules in the group are evaluated.
`rules` []Rule	List of alerting and recording rules.
`partial_response_strategy` string	PartialResponseStrategy is only used by ThanosRuler and will be ignored by Prometheus instances. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response

Rules

(Appears on:PrometheusSpec)

/–rules.*/ command-line arguments

Field	Description
`alert` RulesAlert

RulesAlert

(Appears on:Rules)

/–rules.alert.*/ command-line arguments

Field	Description
`forOutageTolerance` string	Max time to tolerate prometheus outage for restoring ‘for’ state of alert.
`forGracePeriod` string	Minimum duration between alert and restored ‘for’ state. This is maintained only for alerts with configured ‘for’ time greater than grace period.
`resendDelay` string	Minimum amount of time to wait before resending an alert to Alertmanager.

SafeAuthorization

(Appears on:AlertmanagerEndpoints, Authorization, Endpoint, HTTPConfig, PodMetricsEndpoint, ProbeSpec, HTTPConfig, HTTPConfig)

SafeAuthorization specifies a subset of the Authorization struct, that is safe for use in Endpoints (no CredentialsFile field)

Field	Description
`type` string	Set the authentication type. Defaults to Bearer, Basic will cause an error
`credentials` Kubernetes core/v1.SecretKeySelector	The secret’s key that contains the credentials of the request

SafeTLSConfig

(Appears on:HTTPConfig, PodMetricsEndpointTLSConfig, ProbeTLSConfig, TLSConfig, EmailConfig, HTTPConfig, EmailConfig, HTTPConfig)

SafeTLSConfig specifies safe TLS configuration parameters.

Field	Description
`ca` SecretOrConfigMap	Certificate authority used when verifying server certificates.
`cert` SecretOrConfigMap	Client certificate to present when doing client-authentication.
`keySecret` Kubernetes core/v1.SecretKeySelector	Secret containing the client key file for the targets.
`serverName` string	Used to verify the hostname for the targets.
`insecureSkipVerify` bool	Disable target certificate validation.

SecretOrConfigMap

(Appears on:AlertmanagerConfiguration, OAuth2, SafeTLSConfig, WebTLSConfig)

SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive.

Field	Description
`secret` Kubernetes core/v1.SecretKeySelector	Secret containing data to use for the targets.
`configMap` Kubernetes core/v1.ConfigMapKeySelector	ConfigMap containing data to use for the targets.

SecretOrConfigMapValidationError

SecretOrConfigMapValidationError is returned by SecretOrConfigMap.Validate() on semantically invalid configurations.

Field	Description
`err` string

ServiceMonitorSpec

(Appears on:ServiceMonitor)

ServiceMonitorSpec contains specification parameters for a ServiceMonitor.

Field	Description
`jobLabel` string	JobLabel selects the label from the associated Kubernetes service which will be used as the `job` label for all metrics. For example: If in `ServiceMonitor.spec.jobLabel: foo` and in `Service.metadata.labels.foo: bar`, then the `job="bar"` label is added to all metrics. If the value of this field is empty or if the label doesn’t exist for the given Service, the `job` label of the metrics defaults to the name of the Kubernetes Service.
`targetLabels` []string	TargetLabels transfers labels from the Kubernetes `Service` onto the created metrics.
`podTargetLabels` []string	PodTargetLabels transfers labels on the Kubernetes `Pod` onto the created metrics.
`endpoints` []Endpoint	A list of endpoints allowed as part of this ServiceMonitor.
`selector` Kubernetes meta/v1.LabelSelector	Selector to select Endpoints objects.
`namespaceSelector` NamespaceSelector	Selector to select which namespaces the Kubernetes Endpoints objects are discovered from.
`sampleLimit` uint64	SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
`targetLimit` uint64	TargetLimit defines a limit on the number of scraped targets that will be accepted.
`labelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`labelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
`attachMetadata` AttachMetadata	Attaches node metadata to discovered targets. Requires Prometheus v2.37.0 and above.

ShardStatus

(Appears on:PrometheusStatus)

Field	Description
`shardID` string	Identifier of the shard.
`replicas` int32	Total number of pods targeted by this shard.
`updatedReplicas` int32	Total number of non-terminated pods targeted by this shard that have the desired spec.
`availableReplicas` int32	Total number of available pods (ready for at least minReadySeconds) targeted by this shard.
`unavailableReplicas` int32	Total number of unavailable pods targeted by this shard.

Sigv4

(Appears on:RemoteWriteSpec, SNSConfig, SNSConfig)

Sigv4 optionally configures AWS’s Signature Verification 4 signing process to sign requests. Cannot be set at the same time as basic_auth or authorization.

Field	Description
`region` string	Region is the AWS region. If blank, the region from the default credentials chain used.
`accessKey` Kubernetes core/v1.SecretKeySelector	AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used.
`secretKey` Kubernetes core/v1.SecretKeySelector	SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
`profile` string	Profile is the named AWS profile used to authenticate.
`roleArn` string	RoleArn is the named AWS profile used to authenticate.

StorageSpec

(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec)

StorageSpec defines the configured storage for a group Prometheus servers. If no storage option is specified, then by default an EmptyDir will be used. If multiple storage options are specified, priority will be given as follows: EmptyDir, Ephemeral, and lastly VolumeClaimTemplate.

Field	Description
`disableMountSubPath` bool	Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.
`emptyDir` Kubernetes core/v1.EmptyDirVolumeSource	EmptyDirVolumeSource to be used by the StatefulSet. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir
`ephemeral` Kubernetes core/v1.EphemeralVolumeSource	EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes
`volumeClaimTemplate` EmbeddedPersistentVolumeClaim	A PVC spec to be used by the StatefulSet. The easiest way to use a volume that cannot be automatically provisioned (for whatever reason) is to use a label selector alongside manually created PersistentVolumes.

TLSConfig

(Appears on:APIServerConfig, AlertmanagerEndpoints, Endpoint, RemoteReadSpec, RemoteWriteSpec, ThanosRulerSpec, ThanosSpec)

TLSConfig extends the safe TLS configuration with file parameters.

Field	Description
`ca` SecretOrConfigMap	Certificate authority used when verifying server certificates.
`cert` SecretOrConfigMap	Client certificate to present when doing client-authentication.
`keySecret` Kubernetes core/v1.SecretKeySelector	Secret containing the client key file for the targets.
`serverName` string	Used to verify the hostname for the targets.
`insecureSkipVerify` bool	Disable target certificate validation.
`caFile` string	Path to the CA cert in the Prometheus container to use for the targets.
`certFile` string	Path to the client cert file in the Prometheus container for the targets.
`keyFile` string	Path to the client key file in the Prometheus container for the targets.

TLSConfigValidationError

TLSConfigValidationError is returned by TLSConfig.Validate() on semantically invalid tls configurations.

Field	Description
`err` string

TSDBSpec

(Appears on:PrometheusSpec)

Field	Description
`outOfOrderTimeWindow` Duration	Configures how old an out-of-order/out-of-bounds sample can be w.r.t. the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as the timestamp of the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). Out of order ingestion is an experimental feature and requires Prometheus >= v2.39.0.

ThanosRulerSpec

(Appears on:ThanosRuler)

ThanosRulerSpec is a specification of the desired behavior of the ThanosRuler. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`version` string	Version of Thanos to be deployed.
`podMetadata` EmbeddedObjectMetadata	PodMetadata contains Labels and Annotations gets propagated to the thanos ruler pods.
`image` string	Thanos container image URL.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘thanos’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`paused` bool	When a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects.
`replicas` int32	Number of thanos ruler instances to deploy.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`resources` Kubernetes core/v1.ResourceRequirements	Resources defines the resource requirements for single Pods. If not provided, no requests/limits will be set
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`priorityClassName` string	Priority class assigned to the Pods
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Thanos Ruler Pods.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`objectStorageConfig` Kubernetes core/v1.SecretKeySelector	ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
`objectStorageConfigFile` string	ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
`listenLocal` bool	ListenLocal makes the Thanos ruler listen on loopback, so that it does not bind against the Pod IP.
`queryEndpoints` []string	QueryEndpoints defines Thanos querier endpoints from which to query metrics. Maps to the –query flag of thanos ruler.
`queryConfig` Kubernetes core/v1.SecretKeySelector	Define configuration for connecting to thanos query instances. If this is defined, the QueryEndpoints field will be ignored. Maps to the `query.config` CLI argument. Only available with thanos v0.11.0 and higher.
`alertmanagersUrl` []string	Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, AlertManagersConfig should be used instead. Note: this field will be ignored if AlertManagersConfig is specified. Maps to the `alertmanagers.url` arg.
`alertmanagersConfig` Kubernetes core/v1.SecretKeySelector	Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` arg.
`ruleSelector` Kubernetes meta/v1.LabelSelector	A label selector to select which PrometheusRules to mount for alerting and recording.
`ruleNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespaces to be selected for Rules discovery. If unspecified, only the same namespace as the ThanosRuler object is in is used.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created.
`excludedFromEnforcement` []ObjectReference	List of references to PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`prometheusRulesExcludedFromEnforce` []PrometheusRuleExcludeConfig	PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair Deprecated: use excludedFromEnforcement instead.
`logLevel` string	Log level for ThanosRuler to be configured with.
`logFormat` string	Log format for ThanosRuler to be configured with.
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`evaluationInterval` Duration	Interval between consecutive evaluations.
`retention` Duration	Time duration ThanosRuler shall retain data for. Default is ‘24h’, and must match the regular expression `[0-9]+(ms\|s\|m\|h\|d\|w\|y)` (milliseconds seconds minutes hours days weeks years).
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `thanos-ruler` and `config-reloader`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`tracingConfig` Kubernetes core/v1.SecretKeySelector	TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
`tracingConfigFile` string	TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence.
`labels` map[string]string	Labels configure the external label pairs to ThanosRuler. A default replica label `thanos_ruler_replica` will be always added as a label with the value of the pod’s name and it will be dropped in the alerts.
`alertDropLabels` []string	AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. The replica label `thanos_ruler_replica` will always be dropped in alerts.
`externalPrefix` string	The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name.
`routePrefix` string	The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path.
`grpcServerTlsConfig` TLSConfig	GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ‘–grpc-server-tls-*’ CLI args.
`alertQueryUrl` string	The external Query URL the Thanos Ruler will set in the ‘Source’ field of all alerts. Maps to the ‘–alert.query-url’ CLI arg.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`alertRelabelConfigs` Kubernetes core/v1.SecretKeySelector	AlertRelabelConfigs configures alert relabeling in ThanosRuler. Alert relabel configurations must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs Alternative to AlertRelabelConfigFile, and lower order priority.
`alertRelabelConfigFile` string	AlertRelabelConfigFile specifies the path of the alert relabeling configuration file. When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the ThanosRuler container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the ThanosRuler container which may cause issues if they are invalid or not supported by the given ThanosRuler version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.

ThanosRulerStatus

(Appears on:ThanosRuler)

ThanosRulerStatus is the most recent observed status of the ThanosRuler. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`paused` bool	Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed.
`replicas` int32	Total number of non-terminated pods targeted by this ThanosRuler deployment (their labels match the selector).
`updatedReplicas` int32	Total number of non-terminated pods targeted by this ThanosRuler deployment that have the desired version spec.
`availableReplicas` int32	Total number of available pods (ready for at least minReadySeconds) targeted by this ThanosRuler deployment.
`unavailableReplicas` int32	Total number of unavailable pods targeted by this ThanosRuler deployment.

ThanosSpec

(Appears on:PrometheusSpec)

ThanosSpec defines parameters for a Prometheus server within a Thanos deployment.

Field	Description
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Thanos is being configured.
`version` string	Version describes the version of Thanos to use.
`tag` string	Tag of Thanos sidecar container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ‘image’ instead. The image tag can be specified as part of the image URL.
`sha` string	SHA of Thanos container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ‘image’ instead. The image digest can be specified as part of the image URL.
`baseImage` string	Thanos base image if other than default. Deprecated: use ‘image’ instead
`resources` Kubernetes core/v1.ResourceRequirements	Resources defines the resource requirements for the Thanos sidecar. If not provided, no requests/limits will be set
`objectStorageConfig` Kubernetes core/v1.SecretKeySelector	ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
`objectStorageConfigFile` string	ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
`listenLocal` bool	If true, the Thanos sidecar listens on the loopback interface for the HTTP and gRPC endpoints. It takes precedence over `grpcListenLocal` and `httpListenLocal`. Deprecated: use `grpcListenLocal` and `httpListenLocal` instead.
`grpcListenLocal` bool	If true, the Thanos sidecar listens on the loopback interface for the gRPC endpoints. It has no effect if `listenLocal` is true.
`httpListenLocal` bool	If true, the Thanos sidecar listens on the loopback interface for the HTTP endpoints. It has no effect if `listenLocal` is true.
`tracingConfig` Kubernetes core/v1.SecretKeySelector	TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
`tracingConfigFile` string	TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence.
`grpcServerTlsConfig` TLSConfig	GRPCServerTLSConfig configures the TLS parameters for the gRPC server providing the StoreAPI. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ‘–grpc-server-tls-*’ CLI args.
`logLevel` string	LogLevel for Thanos sidecar to be configured with.
`logFormat` string	LogFormat for Thanos sidecar to be configured with.
`minTime` string	MinTime for Thanos sidecar to be configured with. Option can be a constant time in RFC3339 format or time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y.
`blockSize` Duration	BlockDuration controls the size of TSDB blocks produced by Prometheus. Default is 2h to match the upstream Prometheus defaults. WARNING: Changing the block duration can impact the performance and efficiency of the entire Prometheus/Thanos stack due to how it interacts with memory and Thanos compactors. It is recommended to keep this value set to a multiple of 120 times your longest scrape or rule interval. For example, 30s * 120 = 1h.
`readyTimeout` Duration	ReadyTimeout is the maximum time Thanos sidecar will wait for Prometheus to start. Eg 10m
`getConfigInterval` Duration	How often to retrieve the Prometheus configuration.
`getConfigTimeout` Duration	Maximum time to wait when retrieving the Prometheus configuration.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the thanos-sidecar container.
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.

WebConfigFileFields

(Appears on:AlertmanagerWebSpec, PrometheusWebSpec)

WebConfigFileFields defines the file content for –web.config.file flag.

Field	Description
`tlsConfig` WebTLSConfig	Defines the TLS parameters for HTTPS.
`httpConfig` WebHTTPConfig	Defines HTTP parameters for web server.

WebHTTPConfig

(Appears on:WebConfigFileFields)

WebHTTPConfig defines HTTP parameters for web server.

Field	Description
`http2` bool	Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered.
`headers` WebHTTPHeaders	List of headers that can be added to HTTP responses.

WebHTTPHeaders

(Appears on:WebHTTPConfig)

WebHTTPHeaders defines the list of headers that can be added to HTTP responses.

Field	Description
`contentSecurityPolicy` string	Set the Content-Security-Policy header to HTTP responses. Unset if blank.
`xFrameOptions` string	Set the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
`xContentTypeOptions` string	Set the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
`xXSSProtection` string	Set the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
`strictTransportSecurity` string	Set the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same domain and subdomains over HTTPS. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

WebTLSConfig

(Appears on:WebConfigFileFields)

WebTLSConfig defines the TLS parameters for HTTPS.

Field	Description
`keySecret` Kubernetes core/v1.SecretKeySelector	Secret containing the TLS key for the server.
`cert` SecretOrConfigMap	Contains the TLS certificate for the server.
`clientAuthType` string	Server policy for client authentication. Maps to ClientAuth Policies. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType
`client_ca` SecretOrConfigMap	Contains the CA certificate for client certificate authentication to the server.
`minVersion` string	Minimum TLS version that is acceptable. Defaults to TLS12.
`maxVersion` string	Maximum TLS version that is acceptable. Defaults to TLS13.
`cipherSuites` []string	List of supported cipher suites for TLS versions up to TLS 1.2. If empty, Go default cipher suites are used. Available cipher suites are documented in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants
`preferServerCipherSuites` bool	Controls whether the server selects the client’s most preferred cipher suite, or the server’s most preferred cipher suite. If true then the server’s preference, as expressed in the order of elements in cipherSuites, is used.
`curvePreferences` []string	Elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID

WebTLSConfigError

WebTLSConfigError is returned by WebTLSConfig.Validate() on semantically invalid configurations.

Field	Description
`err` string

monitoring.coreos.com/v1alpha1

Resource Types:

AlertmanagerConfig
PrometheusAgent

AlertmanagerConfig

AlertmanagerConfig defines a namespaced AlertmanagerConfig to be aggregated across multiple namespaces configuring one Alertmanager cluster.

Field Description

apiVersion
string monitoring.coreos.com/v1alpha1

kind
string AlertmanagerConfig

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
AlertmanagerConfigSpec

`route` Route	(Optional) The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route.
`receivers` []Receiver	(Optional) List of receivers.
`inhibitRules` []InhibitRule	(Optional) List of inhibition rules. The rules will only apply to alerts matching the resource’s namespace.
`muteTimeIntervals` []MuteTimeInterval	(Optional) List of MuteTimeInterval specifying when the routes should be muted.

PrometheusAgent

PrometheusAgent defines a Prometheus agent deployment.

Field Description

apiVersion
string monitoring.coreos.com/v1alpha1

kind
string PrometheusAgent

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
PrometheusAgentSpec

Specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
`serviceMonitorSelector` Kubernetes meta/v1.LabelSelector	ServiceMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`serviceMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for ServiceMonitor discovery. If nil, only check own namespace.
`podMonitorSelector` Kubernetes meta/v1.LabelSelector	Experimental PodMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`podMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for PodMonitor discovery. If nil, only check own namespace.
`probeSelector` Kubernetes meta/v1.LabelSelector	Experimental Probes to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`probeNamespaceSelector` Kubernetes meta/v1.LabelSelector	Experimental Namespaces to be selected for Probe discovery. If nil, only check own namespace.
`version` string	Version of Prometheus to be deployed.
`paused` bool	When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`replicas` int32	Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
`shards` int32	EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.
`replicaExternalLabelName` string	Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will not be added when value is set to empty string (`""`).
`prometheusExternalLabelName` string	Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will not be added when value is set to empty string (`""`).
`logLevel` string	Log level for Prometheus to be configured with.
`logFormat` string	Log format for Prometheus to be configured with.
`scrapeInterval` Duration	Interval between consecutive scrapes. Default: `30s`
`scrapeTimeout` Duration	Number of seconds to wait for target to respond before erroring.
`externalLabels` map[string]string	The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
`enableRemoteWriteReceiver` bool	Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.
`enableFeatures` []string	Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
`externalUrl` string	The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
`routePrefix` string	The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
`web` PrometheusWebSpec	Defines the web command line flags when starting Prometheus.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/ in the ‘prometheus’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the ‘prometheus’ container.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`remoteWrite` []RemoteWriteSpec	remoteWrite is the list of remote write configurations.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`listenLocal` bool	ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`additionalScrapeConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.
`apiserverConfig` APIServerConfig	APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
`priorityClassName` string	Priority class assigned to the Pods
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`arbitraryFSAccessThroughSMs` ArbitraryFSAccessThroughSMsConfig	ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
`overrideHonorLabels` bool	When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
`overrideHonorTimestamps` bool	When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies.
`ignoreNamespaceSelectors` bool	IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel If set, a label will be added to all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to alerting & recording rules and the metrics used in their expressions (`expr`). Label name is this field’s value. Label value is the namespace of the created object (mentioned above).
`enforcedSampleLimit` uint64	EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
`enforcedTargetLimit` uint64	EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
`enforcedLabelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedBodySizeLimit` ByteSize	EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
`walCompression` bool	Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
`excludedFromEnforcement` []ObjectReference	List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`hostNetwork` bool	Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
`podTargetLabels` []string	PodTargetLabels are added to all Pod/ServiceMonitors’ podTargetLabels

status
PrometheusStatus

Most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

AlertmanagerConfigSpec

(Appears on:AlertmanagerConfig)

AlertmanagerConfigSpec is a specification of the desired behavior of the Alertmanager configuration. By definition, the Alertmanager configuration only applies to alerts for which the namespace label is equal to the namespace of the AlertmanagerConfig resource.

Field	Description
`route` Route	(Optional) The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route.
`receivers` []Receiver	(Optional) List of receivers.
`inhibitRules` []InhibitRule	(Optional) List of inhibition rules. The rules will only apply to alerts matching the resource’s namespace.
`muteTimeIntervals` []MuteTimeInterval	(Optional) List of MuteTimeInterval specifying when the routes should be muted.

DayOfMonthRange

(Appears on:TimeInterval)

DayOfMonthRange is an inclusive range of days of the month beginning at 1

Field	Description
`start` int	Start of the inclusive range
`end` int	End of the inclusive range

EmailConfig

(Appears on:Receiver)

EmailConfig configures notifications via Email.

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`to` string	(Optional) The email address to send notifications to.
`from` string	(Optional) The sender address.
`hello` string	(Optional) The hostname to identify to the SMTP server.
`smarthost` string	(Optional) The SMTP host and port through which emails are sent. E.g. example.com:25
`authUsername` string	(Optional) The username to use for authentication.
`authPassword` Kubernetes core/v1.SecretKeySelector	The secret’s key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`authSecret` Kubernetes core/v1.SecretKeySelector	The secret’s key that contains the CRAM-MD5 secret. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`authIdentity` string	(Optional) The identity to use for authentication.
`headers` []KeyValue	Further headers email header key/value pairs. Overrides any headers previously set by the notification implementation.
`html` string	(Optional) The HTML body of the email notification.
`text` string	(Optional) The text body of the email notification.
`requireTLS` bool	(Optional) The SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints.
`tlsConfig` SafeTLSConfig	(Optional) TLS configuration

HTTPConfig

(Appears on:OpsGenieConfig, PagerDutyConfig, PushoverConfig, SNSConfig, SlackConfig, TelegramConfig, VictorOpsConfig, WeChatConfig, WebhookConfig)

HTTPConfig defines a client HTTP configuration. See https://prometheus.io/docs/alerting/latest/configuration/#http_config

Field	Description
`authorization` SafeAuthorization	(Optional) Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
`basicAuth` BasicAuth	(Optional) BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
`oauth2` OAuth2	(Optional) OAuth2 client credentials used to fetch a token for the targets.
`bearerTokenSecret` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`tlsConfig` SafeTLSConfig	(Optional) TLS configuration for the client.
`proxyURL` string	(Optional) Optional proxy URL.
`followRedirects` bool	(Optional) FollowRedirects specifies whether the client should follow HTTP 3xx redirects.

InhibitRule

(Appears on:AlertmanagerConfigSpec)

InhibitRule defines an inhibition rule that allows to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule

Field	Description
`targetMatch` []Matcher	Matchers that have to be fulfilled in the alerts to be muted. The operator enforces that the alert matches the resource’s namespace.
`sourceMatch` []Matcher	Matchers for which one or more alerts have to exist for the inhibition to take effect. The operator enforces that the alert matches the resource’s namespace.
`equal` []string	Labels that must have an equal value in the source and target alert for the inhibition to take effect.

KeyValue

(Appears on:EmailConfig, OpsGenieConfig, PagerDutyConfig, VictorOpsConfig)

KeyValue defines a (key, value) tuple.

Field	Description
`key` string	Key of the tuple.
`value` string	Value of the tuple.

MatchType (`string` alias)

(Appears on:Matcher)

MatchType is a comparison operator on a Matcher

Value	Description
"="
"!="
"!~"
"=~"

Matcher

(Appears on:InhibitRule, Route)

Matcher defines how to match on alert’s labels.

Field	Description
`name` string	Label to match.
`value` string	(Optional) Label value to match.
`matchType` MatchType	(Optional) Match operation available with AlertManager >= v0.22.0 and takes precedence over Regex (deprecated) if non-empty.
`regex` bool	(Optional) Whether to match on equality (false) or regular-expression (true). Deprecated as of AlertManager >= v0.22.0 where a user should use MatchType instead.

Month (`string` alias)

Month of the year

Value	Description
"april"
"august"
"december"
"february"
"january"
"july"
"june"
"march"
"may"
"november"
"october"
"september"

MonthRange (`string` alias)

(Appears on:TimeInterval)

MonthRange is an inclusive range of months of the year beginning in January Months can be specified by name (e.g ‘January’) by numerical month (e.g ‘1’) or as an inclusive range (e.g ‘January:March’, ‘1:3’, ‘1:March’)

MuteTimeInterval

(Appears on:AlertmanagerConfigSpec)

MuteTimeInterval specifies the periods in time when notifications will be muted

Field	Description
`name` string	Name of the time interval
`timeIntervals` []TimeInterval	TimeIntervals is a list of TimeInterval

OpsGenieConfig

(Appears on:Receiver)

OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiKey` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`apiURL` string	(Optional) The URL to send OpsGenie API requests to.
`message` string	(Optional) Alert text limited to 130 characters.
`description` string	(Optional) Description of the incident.
`source` string	(Optional) Backlink to the sender of the notification.
`tags` string	(Optional) Comma separated list of tags attached to the notifications.
`note` string	(Optional) Additional alert note.
`priority` string	(Optional) Priority level of alert. Possible values are P1, P2, P3, P4, and P5.
`updateAlerts` bool	(Optional) Whether to update message and description of the alert in OpsGenie if it already exists By default, the alert is never updated in OpsGenie, the new message only appears in activity log.
`details` []KeyValue	(Optional) A set of arbitrary key/value pairs that provide further detail about the incident.
`responders` []OpsGenieConfigResponder	(Optional) List of responders responsible for notifications.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.
`entity` string	(Optional) Optional field that can be used to specify which domain alert is related to.
`actions` string	(Optional) Comma separated list of actions that will be available for the alert.

OpsGenieConfigResponder

(Appears on:OpsGenieConfig)

OpsGenieConfigResponder defines a responder to an incident. One of id, name or username has to be defined.

Field	Description
`id` string	(Optional) ID of the responder.
`name` string	(Optional) Name of the responder.
`username` string	(Optional) Username of the responder.
`type` string	Type of responder.

PagerDutyConfig

(Appears on:Receiver)

PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`routingKey` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the PagerDuty integration key (when using Events API v2). Either this field or `serviceKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`serviceKey` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the PagerDuty service key (when using integration type “Prometheus”). Either this field or `routingKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`url` string	(Optional) The URL to send requests to.
`client` string	(Optional) Client identification.
`clientURL` string	(Optional) Backlink to the sender of notification.
`description` string	(Optional) Description of the incident.
`severity` string	(Optional) Severity of the incident.
`class` string	(Optional) The class/type of the event.
`group` string	(Optional) A cluster or grouping of sources.
`component` string	(Optional) The part or component of the affected system that is broken.
`details` []KeyValue	(Optional) Arbitrary key/value pairs that provide further detail about the incident.
`pagerDutyImageConfigs` []PagerDutyImageConfig	(Optional) A list of image details to attach that provide further detail about an incident.
`pagerDutyLinkConfigs` []PagerDutyLinkConfig	(Optional) A list of link details to attach that provide further detail about an incident.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

PagerDutyImageConfig

(Appears on:PagerDutyConfig)

PagerDutyImageConfig attaches images to an incident

Field	Description
`src` string	(Optional) Src of the image being attached to the incident
`href` string	(Optional) Optional URL; makes the image a clickable link.
`alt` string	(Optional) Alt is the optional alternative text for the image.

PagerDutyLinkConfig

(Appears on:PagerDutyConfig)

PagerDutyLinkConfig attaches text links to an incident

Field	Description
`href` string	(Optional) Href is the URL of the link to be attached
`alt` string	(Optional) Text that describes the purpose of the link, and can be used as the link’s text.

ParsedRange

ParsedRange is an integer representation of a range

Field	Description
`start` int	Start is the beginning of the range
`end` int	End of the range

PrometheusAgentSpec

(Appears on:PrometheusAgent)

PrometheusAgentSpec is a specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Field	Description
`podMetadata` EmbeddedObjectMetadata	PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
`serviceMonitorSelector` Kubernetes meta/v1.LabelSelector	ServiceMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`serviceMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for ServiceMonitor discovery. If nil, only check own namespace.
`podMonitorSelector` Kubernetes meta/v1.LabelSelector	Experimental PodMonitors to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`podMonitorNamespaceSelector` Kubernetes meta/v1.LabelSelector	Namespace’s labels to match for PodMonitor discovery. If nil, only check own namespace.
`probeSelector` Kubernetes meta/v1.LabelSelector	Experimental Probes to be selected for target discovery. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector` and `spec.probeSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration’s Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead.
`probeNamespaceSelector` Kubernetes meta/v1.LabelSelector	Experimental Namespaces to be selected for Probe discovery. If nil, only check own namespace.
`version` string	Version of Prometheus to be deployed.
`paused` bool	When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
`image` string	Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
`imagePullPolicy` Kubernetes core/v1.PullPolicy	Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
`imagePullSecrets` []Kubernetes core/v1.LocalObjectReference	An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
`replicas` int32	Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
`shards` int32	EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.
`replicaExternalLabelName` string	Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will not be added when value is set to empty string (`""`).
`prometheusExternalLabelName` string	Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will not be added when value is set to empty string (`""`).
`logLevel` string	Log level for Prometheus to be configured with.
`logFormat` string	Log format for Prometheus to be configured with.
`scrapeInterval` Duration	Interval between consecutive scrapes. Default: `30s`
`scrapeTimeout` Duration	Number of seconds to wait for target to respond before erroring.
`externalLabels` map[string]string	The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
`enableRemoteWriteReceiver` bool	Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.
`enableFeatures` []string	Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
`externalUrl` string	The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
`routePrefix` string	The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
`storage` StorageSpec	Storage spec to specify how storage shall be used.
`volumes` []Kubernetes core/v1.Volume	Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
`volumeMounts` []Kubernetes core/v1.VolumeMount	VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
`web` PrometheusWebSpec	Defines the web command line flags when starting Prometheus.
`resources` Kubernetes core/v1.ResourceRequirements	Define resources requests and limits for single Pods.
`nodeSelector` map[string]string	Define which Nodes the Pods are scheduled on.
`serviceAccountName` string	ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
`secrets` []string	Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/ in the ‘prometheus’ container.
`configMaps` []string	ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the ‘prometheus’ container.
`affinity` Kubernetes core/v1.Affinity	If specified, the pod’s scheduling constraints.
`tolerations` []Kubernetes core/v1.Toleration	If specified, the pod’s tolerations.
`topologySpreadConstraints` []Kubernetes core/v1.TopologySpreadConstraint	If specified, the pod’s topology spread constraints.
`remoteWrite` []RemoteWriteSpec	remoteWrite is the list of remote write configurations.
`securityContext` Kubernetes core/v1.PodSecurityContext	SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
`listenLocal` bool	ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
`containers` []Kubernetes core/v1.Container	Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`initContainers` []Kubernetes core/v1.Container	InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
`additionalScrapeConfigs` Kubernetes core/v1.SecretKeySelector	AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.
`apiserverConfig` APIServerConfig	APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
`priorityClassName` string	Priority class assigned to the Pods
`portName` string	Port name used for the pods and governing service. Defaults to `web`.
`arbitraryFSAccessThroughSMs` ArbitraryFSAccessThroughSMsConfig	ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
`overrideHonorLabels` bool	When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
`overrideHonorTimestamps` bool	When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies.
`ignoreNamespaceSelectors` bool	IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
`enforcedNamespaceLabel` string	EnforcedNamespaceLabel If set, a label will be added to all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to alerting & recording rules and the metrics used in their expressions (`expr`). Label name is this field’s value. Label value is the namespace of the created object (mentioned above).
`enforcedSampleLimit` uint64	EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
`enforcedTargetLimit` uint64	EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
`enforcedLabelLimit` uint64	Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelNameLengthLimit` uint64	Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedLabelValueLengthLimit` uint64	Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
`enforcedBodySizeLimit` ByteSize	EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.
`minReadySeconds` uint32	(Optional) Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
`hostAliases` []HostAlias	Pods’ hostAliases configuration
`additionalArgs` []Argument	AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
`walCompression` bool	Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
`excludedFromEnforcement` []ObjectReference	List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
`hostNetwork` bool	Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
`podTargetLabels` []string	PodTargetLabels are added to all Pod/ServiceMonitors’ podTargetLabels

PushoverConfig

(Appears on:Receiver)

PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`userKey` Kubernetes core/v1.SecretKeySelector	The secret’s key that contains the recipient user’s user key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`token` Kubernetes core/v1.SecretKeySelector	The secret’s key that contains the registered application’s API token, see https://pushover.net/apps. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`title` string	(Optional) Notification title.
`message` string	(Optional) Notification message.
`url` string	(Optional) A supplementary URL shown alongside the message.
`urlTitle` string	(Optional) A title for supplementary URL, otherwise just the URL is shown
`sound` string	(Optional) The name of one of the sounds supported by device clients to override the user’s default sound choice
`priority` string	(Optional) Priority, see https://pushover.net/api#priority
`retry` string	(Optional) How often the Pushover servers will send the same notification to the user. Must be at least 30 seconds.
`expire` string	(Optional) How long your notification will continue to be retried for, unless the user acknowledges the notification.
`html` bool	(Optional) Whether notification message is HTML or plain text.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

Receiver

(Appears on:AlertmanagerConfigSpec)

Receiver defines one or more notification integrations.

Field	Description
`name` string	Name of the receiver. Must be unique across all items from the list.
`opsgenieConfigs` []OpsGenieConfig	List of OpsGenie configurations.
`pagerdutyConfigs` []PagerDutyConfig	List of PagerDuty configurations.
`slackConfigs` []SlackConfig	List of Slack configurations.
`webhookConfigs` []WebhookConfig	List of webhook configurations.
`wechatConfigs` []WeChatConfig	List of WeChat configurations.
`emailConfigs` []EmailConfig	List of Email configurations.
`victoropsConfigs` []VictorOpsConfig	List of VictorOps configurations.
`pushoverConfigs` []PushoverConfig	List of Pushover configurations.
`snsConfigs` []SNSConfig	List of SNS configurations
`telegramConfigs` []TelegramConfig	List of Telegram configurations.

Route

(Appears on:AlertmanagerConfigSpec)

Route defines a node in the routing tree.

Field	Description
`receiver` string	(Optional) Name of the receiver for this route. If not empty, it should be listed in the `receivers` field.
`groupBy` []string	(Optional) List of labels to group by. Labels must not be repeated (unique list). Special label “…” (aggregate by all possible labels), if provided, must be the only element in the list.
`groupWait` string	(Optional) How long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: “30s”
`groupInterval` string	(Optional) How long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: “5m”
`repeatInterval` string	(Optional) How long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: “4h”
`matchers` []Matcher	(Optional) List of matchers that the alert’s labels should match. For the first level route, the operator removes any existing equality and regexp matcher on the `namespace` label and adds a `namespace: <object namespace>` matcher.
`continue` bool	(Optional) Boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator.
`routes` []k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON	Child routes.
`muteTimeIntervals` []string	(Optional) Note: this comment applies to the field definition above but appears below otherwise it gets included in the generated manifest. CRD schema doesn’t support self-referential types for now (see https://github.com/kubernetes/kubernetes/issues/62872). We have to use an alternative type to circumvent the limitation. The downside is that the Kube API can’t validate the data beyond the fact that it is a valid JSON representation. MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched,
`activeTimeIntervals` []string	(Optional) ActiveTimeIntervals is a list of MuteTimeInterval names when this route should be active.

SNSConfig

(Appears on:Receiver)

SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiURL` string	(Optional) The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used.
`sigv4` Sigv4	(Optional) Configures AWS’s Signature Verification 4 signing process to sign requests.
`topicARN` string	(Optional) SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic If you don’t specify this value, you must specify a value for the PhoneNumber or TargetARN.
`subject` string	(Optional) Subject line when the message is delivered to email endpoints.
`phoneNumber` string	(Optional) Phone number if message is delivered via SMS in E.164 format. If you don’t specify this value, you must specify a value for the TopicARN or TargetARN.
`targetARN` string	(Optional) The mobile platform endpoint ARN if message is delivered via mobile notifications. If you don’t specify this value, you must specify a value for the topic_arn or PhoneNumber.
`message` string	(Optional) The message content of the SNS notification.
`attributes` map[string]string	(Optional) SNS message attributes.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

SlackAction

(Appears on:SlackConfig)

SlackAction configures a single Slack action that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields and https://api.slack.com/docs/message-buttons for more information.

Field	Description
`type` string
`text` string
`url` string	(Optional)
`style` string	(Optional)
`name` string	(Optional)
`value` string	(Optional)
`confirm` SlackConfirmationField	(Optional)

SlackConfig

(Appears on:Receiver)

SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiURL` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`channel` string	(Optional) The channel or user to send notifications to.
`username` string	(Optional)
`color` string	(Optional)
`title` string	(Optional)
`titleLink` string	(Optional)
`pretext` string	(Optional)
`text` string	(Optional)
`fields` []SlackField	(Optional) A list of Slack fields that are sent with each notification.
`shortFields` bool	(Optional)
`footer` string	(Optional)
`fallback` string	(Optional)
`callbackId` string	(Optional)
`iconEmoji` string	(Optional)
`iconURL` string	(Optional)
`imageURL` string	(Optional)
`thumbURL` string	(Optional)
`linkNames` bool	(Optional)
`mrkdwnIn` []string	(Optional)
`actions` []SlackAction	(Optional) A list of Slack actions that are sent with each notification.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

SlackConfirmationField

(Appears on:SlackAction)

SlackConfirmationField protect users from destructive actions or particularly distinguished decisions by asking them to confirm their button click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields for more information.

Field	Description
`text` string
`title` string	(Optional)
`okText` string	(Optional)
`dismissText` string	(Optional)

SlackField

(Appears on:SlackConfig)

SlackField configures a single Slack field that is sent with each notification. Each field must contain a title, value, and optionally, a boolean value to indicate if the field is short enough to be displayed next to other fields designated as short. See https://api.slack.com/docs/message-attachments#fields for more information.

Field	Description
`title` string
`value` string
`short` bool	(Optional)

TelegramConfig

(Appears on:Receiver)

TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config

Field	Description
`sendResolved` bool	(Optional) Whether to notify about resolved alerts.
`apiURL` string	(Optional) The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used.
`botToken` Kubernetes core/v1.SecretKeySelector	Telegram bot token The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`chatID` int64	The Telegram chat ID.
`message` string	(Optional) Message template
`disableNotifications` bool	(Optional) Disable telegram notifications
`parseMode` string	(Optional) Parse mode for telegram message
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

Time (`string` alias)

(Appears on:TimeRange)

Time defines a time in 24hr format

TimeInterval

(Appears on:MuteTimeInterval)

TimeInterval describes intervals of time

Field	Description
`times` []TimeRange	(Optional) Times is a list of TimeRange
`weekdays` []WeekdayRange	(Optional) Weekdays is a list of WeekdayRange
`daysOfMonth` []DayOfMonthRange	(Optional) DaysOfMonth is a list of DayOfMonthRange
`months` []MonthRange	(Optional) Months is a list of MonthRange
`years` []YearRange	(Optional) Years is a list of YearRange

TimeRange

(Appears on:TimeInterval)

TimeRange defines a start and end time in 24hr format

Field	Description
`startTime` Time	StartTime is the start time in 24hr format.
`endTime` Time	EndTime is the end time in 24hr format.

VictorOpsConfig

(Appears on:Receiver)

VictorOpsConfig configures notifications via VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiKey` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`apiUrl` string	(Optional) The VictorOps API URL.
`routingKey` string	(Optional) A key used to map the alert to a team.
`messageType` string	(Optional) Describes the behavior of the alert (CRITICAL, WARNING, INFO).
`entityDisplayName` string	(Optional) Contains summary of the alerted problem.
`stateMessage` string	(Optional) Contains long explanation of the alerted problem.
`monitoringTool` string	(Optional) The monitoring tool the state message is from.
`customFields` []KeyValue	(Optional) Additional custom fields for notification.
`httpConfig` HTTPConfig	(Optional) The HTTP client’s configuration.

WeChatConfig

(Appears on:Receiver)

WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiSecret` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`apiURL` string	(Optional) The WeChat API URL.
`corpID` string	(Optional) The corp id for authentication.
`agentID` string	(Optional)
`toUser` string	(Optional)
`toParty` string	(Optional)
`toTag` string	(Optional)
`message` string	API request data as defined by the WeChat API.
`messageType` string	(Optional)
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

WebhookConfig

(Appears on:Receiver)

WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`url` string	(Optional) The URL to send HTTP POST requests to. `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` should be defined.
`urlSecret` Kubernetes core/v1.SecretKeySelector	(Optional) The secret’s key that contains the webhook URL to send HTTP requests to. `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` should be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.
`maxAlerts` int32	(Optional) Maximum number of alerts to be sent per webhook message. When 0, all alerts are included.

Weekday (`string` alias)

Weekday is day of the week

Value	Description
"friday"
"monday"
"saturday"
"sunday"
"thursday"
"tuesday"
"wednesday"

WeekdayRange (`string` alias)

(Appears on:TimeInterval)

WeekdayRange is an inclusive range of days of the week beginning on Sunday Days can be specified by name (e.g ‘Sunday’) or as an inclusive range (e.g ‘Monday:Friday’)

YearRange (`string` alias)

(Appears on:TimeInterval)

YearRange is an inclusive range of years

monitoring.coreos.com/v1beta1

Resource Types:

AlertmanagerConfig

AlertmanagerConfig

AlertmanagerConfig defines a namespaced AlertmanagerConfig to be aggregated across multiple namespaces configuring one Alertmanager cluster.

Field Description

apiVersion
string monitoring.coreos.com/v1beta1

kind
string AlertmanagerConfig

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
AlertmanagerConfigSpec

`route` Route	(Optional) The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route.
`receivers` []Receiver	(Optional) List of receivers.
`inhibitRules` []InhibitRule	(Optional) List of inhibition rules. The rules will only apply to alerts matching the resource’s namespace.
`timeIntervals` []TimeInterval	(Optional) List of TimeInterval specifying when the routes should be muted or active.

AlertmanagerConfigSpec

(Appears on:AlertmanagerConfig)

Field	Description
`route` Route	(Optional) The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route.
`receivers` []Receiver	(Optional) List of receivers.
`inhibitRules` []InhibitRule	(Optional) List of inhibition rules. The rules will only apply to alerts matching the resource’s namespace.
`timeIntervals` []TimeInterval	(Optional) List of TimeInterval specifying when the routes should be muted or active.

DayOfMonthRange

(Appears on:TimePeriod)

DayOfMonthRange is an inclusive range of days of the month beginning at 1

Field	Description
`start` int	Start of the inclusive range
`end` int	End of the inclusive range

EmailConfig

(Appears on:Receiver)

EmailConfig configures notifications via Email.

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`to` string	(Optional) The email address to send notifications to.
`from` string	(Optional) The sender address.
`hello` string	(Optional) The hostname to identify to the SMTP server.
`smarthost` string	(Optional) The SMTP host and port through which emails are sent. E.g. example.com:25
`authUsername` string	(Optional) The username to use for authentication.
`authPassword` SecretKeySelector	The secret’s key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`authSecret` SecretKeySelector	The secret’s key that contains the CRAM-MD5 secret. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`authIdentity` string	(Optional) The identity to use for authentication.
`headers` []KeyValue	Further headers email header key/value pairs. Overrides any headers previously set by the notification implementation.
`html` string	(Optional) The HTML body of the email notification.
`text` string	(Optional) The text body of the email notification.
`requireTLS` bool	(Optional) The SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints.
`tlsConfig` SafeTLSConfig	(Optional) TLS configuration

HTTPConfig

(Appears on:OpsGenieConfig, PagerDutyConfig, PushoverConfig, SNSConfig, SlackConfig, TelegramConfig, VictorOpsConfig, WeChatConfig, WebhookConfig)

HTTPConfig defines a client HTTP configuration. See https://prometheus.io/docs/alerting/latest/configuration/#http_config

Field	Description
`authorization` SafeAuthorization	(Optional) Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
`basicAuth` BasicAuth	(Optional) BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
`oauth2` OAuth2	(Optional) OAuth2 client credentials used to fetch a token for the targets.
`bearerTokenSecret` SecretKeySelector	(Optional) The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`tlsConfig` SafeTLSConfig	(Optional) TLS configuration for the client.
`proxyURL` string	(Optional) Optional proxy URL.
`followRedirects` bool	(Optional) FollowRedirects specifies whether the client should follow HTTP 3xx redirects.

InhibitRule

(Appears on:AlertmanagerConfigSpec)

InhibitRule defines an inhibition rule that allows to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule

Field	Description
`targetMatch` []Matcher	Matchers that have to be fulfilled in the alerts to be muted. The operator enforces that the alert matches the resource’s namespace.
`sourceMatch` []Matcher	Matchers for which one or more alerts have to exist for the inhibition to take effect. The operator enforces that the alert matches the resource’s namespace.
`equal` []string	Labels that must have an equal value in the source and target alert for the inhibition to take effect.

KeyValue

(Appears on:EmailConfig, OpsGenieConfig, PagerDutyConfig, VictorOpsConfig)

KeyValue defines a (key, value) tuple.

Field	Description
`key` string	Key of the tuple.
`value` string	Value of the tuple.

MatchType (`string` alias)

(Appears on:Matcher)

MatchType is a comparison operator on a Matcher

Value	Description
"="
"!="
"!~"
"=~"

Matcher

(Appears on:InhibitRule, Route)

Matcher defines how to match on alert’s labels.

Field	Description
`name` string	Label to match.
`value` string	(Optional) Label value to match.
`matchType` MatchType	Match operator, one of `=` (equal to), `!=` (not equal to), `=~` (regex match) or `!~` (not regex match). Negative operators (`!=` and `!~`) require Alertmanager >= v0.22.0.

Month (`string` alias)

Month of the year

Value	Description
"april"
"august"
"december"
"february"
"january"
"july"
"june"
"march"
"may"
"november"
"october"
"september"

MonthRange (`string` alias)

(Appears on:TimePeriod)

OpsGenieConfig

(Appears on:Receiver)

OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiKey` SecretKeySelector	(Optional) The secret’s key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`apiURL` string	(Optional) The URL to send OpsGenie API requests to.
`message` string	(Optional) Alert text limited to 130 characters.
`description` string	(Optional) Description of the incident.
`source` string	(Optional) Backlink to the sender of the notification.
`tags` string	(Optional) Comma separated list of tags attached to the notifications.
`note` string	(Optional) Additional alert note.
`priority` string	(Optional) Priority level of alert. Possible values are P1, P2, P3, P4, and P5.
`details` []KeyValue	(Optional) A set of arbitrary key/value pairs that provide further detail about the incident.
`responders` []OpsGenieConfigResponder	(Optional) List of responders responsible for notifications.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.
`entity` string	(Optional) Optional field that can be used to specify which domain alert is related to.
`actions` string	(Optional) Comma separated list of actions that will be available for the alert.

OpsGenieConfigResponder

(Appears on:OpsGenieConfig)

OpsGenieConfigResponder defines a responder to an incident. One of id, name or username has to be defined.

Field	Description
`id` string	(Optional) ID of the responder.
`name` string	(Optional) Name of the responder.
`username` string	(Optional) Username of the responder.
`type` string	Type of responder.

PagerDutyConfig

(Appears on:Receiver)

PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`routingKey` SecretKeySelector	(Optional) The secret’s key that contains the PagerDuty integration key (when using Events API v2). Either this field or `serviceKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`serviceKey` SecretKeySelector	(Optional) The secret’s key that contains the PagerDuty service key (when using integration type “Prometheus”). Either this field or `routingKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`url` string	(Optional) The URL to send requests to.
`client` string	(Optional) Client identification.
`clientURL` string	(Optional) Backlink to the sender of notification.
`description` string	(Optional) Description of the incident.
`severity` string	(Optional) Severity of the incident.
`class` string	(Optional) The class/type of the event.
`group` string	(Optional) A cluster or grouping of sources.
`component` string	(Optional) The part or component of the affected system that is broken.
`details` []KeyValue	(Optional) Arbitrary key/value pairs that provide further detail about the incident.
`pagerDutyImageConfigs` []PagerDutyImageConfig	(Optional) A list of image details to attach that provide further detail about an incident.
`pagerDutyLinkConfigs` []PagerDutyLinkConfig	(Optional) A list of link details to attach that provide further detail about an incident.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

PagerDutyImageConfig

(Appears on:PagerDutyConfig)

PagerDutyImageConfig attaches images to an incident

Field	Description
`src` string	(Optional) Src of the image being attached to the incident
`href` string	(Optional) Optional URL; makes the image a clickable link.
`alt` string	(Optional) Alt is the optional alternative text for the image.

PagerDutyLinkConfig

(Appears on:PagerDutyConfig)

PagerDutyLinkConfig attaches text links to an incident

Field	Description
`href` string	(Optional) Href is the URL of the link to be attached
`alt` string	(Optional) Text that describes the purpose of the link, and can be used as the link’s text.

ParsedRange

ParsedRange is an integer representation of a range

Field	Description
`start` int	Start is the beginning of the range
`end` int	End of the range

PushoverConfig

(Appears on:Receiver)

PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`userKey` SecretKeySelector	The secret’s key that contains the recipient user’s user key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`token` SecretKeySelector	The secret’s key that contains the registered application’s API token, see https://pushover.net/apps. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`title` string	(Optional) Notification title.
`message` string	(Optional) Notification message.
`url` string	(Optional) A supplementary URL shown alongside the message.
`urlTitle` string	(Optional) A title for supplementary URL, otherwise just the URL is shown
`sound` string	(Optional) The name of one of the sounds supported by device clients to override the user’s default sound choice
`priority` string	(Optional) Priority, see https://pushover.net/api#priority
`retry` string	(Optional) How often the Pushover servers will send the same notification to the user. Must be at least 30 seconds.
`expire` string	(Optional) How long your notification will continue to be retried for, unless the user acknowledges the notification.
`html` bool	(Optional) Whether notification message is HTML or plain text.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

Receiver

(Appears on:AlertmanagerConfigSpec)

Receiver defines one or more notification integrations.

Field	Description
`name` string	Name of the receiver. Must be unique across all items from the list.
`opsgenieConfigs` []OpsGenieConfig	List of OpsGenie configurations.
`pagerdutyConfigs` []PagerDutyConfig	List of PagerDuty configurations.
`slackConfigs` []SlackConfig	List of Slack configurations.
`webhookConfigs` []WebhookConfig	List of webhook configurations.
`wechatConfigs` []WeChatConfig	List of WeChat configurations.
`emailConfigs` []EmailConfig	List of Email configurations.
`victoropsConfigs` []VictorOpsConfig	List of VictorOps configurations.
`pushoverConfigs` []PushoverConfig	List of Pushover configurations.
`snsConfigs` []SNSConfig	List of SNS configurations
`telegramConfigs` []TelegramConfig	List of Telegram configurations.

Route

(Appears on:AlertmanagerConfigSpec)

Route defines a node in the routing tree.

Field	Description
`receiver` string	(Optional) Name of the receiver for this route. If not empty, it should be listed in the `receivers` field.
`groupBy` []string	(Optional) List of labels to group by. Labels must not be repeated (unique list). Special label “…” (aggregate by all possible labels), if provided, must be the only element in the list.
`groupWait` string	(Optional) How long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: “30s”
`groupInterval` string	(Optional) How long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: “5m”
`repeatInterval` string	(Optional) How long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: “4h”
`matchers` []Matcher	(Optional) List of matchers that the alert’s labels should match. For the first level route, the operator removes any existing equality and regexp matcher on the `namespace` label and adds a `namespace: <object namespace>` matcher.
`continue` bool	(Optional) Boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator.
`routes` []k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON	Child routes.
`muteTimeIntervals` []string	(Optional) Note: this comment applies to the field definition above but appears below otherwise it gets included in the generated manifest. CRD schema doesn’t support self-referential types for now (see https://github.com/kubernetes/kubernetes/issues/62872). We have to use an alternative type to circumvent the limitation. The downside is that the Kube API can’t validate the data beyond the fact that it is a valid JSON representation. MuteTimeIntervals is a list of TimeInterval names that will mute this route when matched.
`activeTimeIntervals` []string	(Optional) ActiveTimeIntervals is a list of TimeInterval names when this route should be active.

SNSConfig

(Appears on:Receiver)

SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiURL` string	(Optional) The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used.
`sigv4` Sigv4	(Optional) Configures AWS’s Signature Verification 4 signing process to sign requests.
`topicARN` string	(Optional) SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic If you don’t specify this value, you must specify a value for the PhoneNumber or TargetARN.
`subject` string	(Optional) Subject line when the message is delivered to email endpoints.
`phoneNumber` string	(Optional) Phone number if message is delivered via SMS in E.164 format. If you don’t specify this value, you must specify a value for the TopicARN or TargetARN.
`targetARN` string	(Optional) The mobile platform endpoint ARN if message is delivered via mobile notifications. If you don’t specify this value, you must specify a value for the topic_arn or PhoneNumber.
`message` string	(Optional) The message content of the SNS notification.
`attributes` map[string]string	(Optional) SNS message attributes.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

SecretKeySelector

(Appears on:EmailConfig, HTTPConfig, OpsGenieConfig, PagerDutyConfig, PushoverConfig, SlackConfig, TelegramConfig, VictorOpsConfig, WeChatConfig, WebhookConfig)

SecretKeySelector selects a key of a Secret.

Field	Description
`name` string	The name of the secret in the object’s namespace to select from.
`key` string	The key of the secret to select from. Must be a valid secret key.

SlackAction

(Appears on:SlackConfig)

Field	Description
`type` string
`text` string
`url` string	(Optional)
`style` string	(Optional)
`name` string	(Optional)
`value` string	(Optional)
`confirm` SlackConfirmationField	(Optional)

SlackConfig

(Appears on:Receiver)

SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiURL` SecretKeySelector	(Optional) The secret’s key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`channel` string	(Optional) The channel or user to send notifications to.
`username` string	(Optional)
`color` string	(Optional)
`title` string	(Optional)
`titleLink` string	(Optional)
`pretext` string	(Optional)
`text` string	(Optional)
`fields` []SlackField	(Optional) A list of Slack fields that are sent with each notification.
`shortFields` bool	(Optional)
`footer` string	(Optional)
`fallback` string	(Optional)
`callbackId` string	(Optional)
`iconEmoji` string	(Optional)
`iconURL` string	(Optional)
`imageURL` string	(Optional)
`thumbURL` string	(Optional)
`linkNames` bool	(Optional)
`mrkdwnIn` []string	(Optional)
`actions` []SlackAction	(Optional) A list of Slack actions that are sent with each notification.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

SlackConfirmationField

(Appears on:SlackAction)

Field	Description
`text` string
`title` string	(Optional)
`okText` string	(Optional)
`dismissText` string	(Optional)

SlackField

(Appears on:SlackConfig)

Field	Description
`title` string
`value` string
`short` bool	(Optional)

TelegramConfig

(Appears on:Receiver)

TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config

Field	Description
`sendResolved` bool	(Optional) Whether to notify about resolved alerts.
`apiURL` string	(Optional) The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used.
`botToken` SecretKeySelector	Telegram bot token The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`chatID` int64	The Telegram chat ID.
`message` string	(Optional) Message template
`disableNotifications` bool	(Optional) Disable telegram notifications
`parseMode` string	(Optional) Parse mode for telegram message
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

Time (`string` alias)

(Appears on:TimeRange)

Time defines a time in 24hr format

TimeInterval

(Appears on:AlertmanagerConfigSpec)

TimeInterval specifies the periods in time when notifications will be muted or active.

Field	Description
`name` string	Name of the time interval.
`timeIntervals` []TimePeriod	TimeIntervals is a list of TimePeriod.

TimePeriod

(Appears on:TimeInterval)

TimePeriod describes periods of time.

Field	Description
`times` []TimeRange	(Optional) Times is a list of TimeRange
`weekdays` []WeekdayRange	(Optional) Weekdays is a list of WeekdayRange
`daysOfMonth` []DayOfMonthRange	(Optional) DaysOfMonth is a list of DayOfMonthRange
`months` []MonthRange	(Optional) Months is a list of MonthRange
`years` []YearRange	(Optional) Years is a list of YearRange

TimeRange

(Appears on:TimePeriod)

TimeRange defines a start and end time in 24hr format

Field	Description
`startTime` Time	StartTime is the start time in 24hr format.
`endTime` Time	EndTime is the end time in 24hr format.

VictorOpsConfig

(Appears on:Receiver)

VictorOpsConfig configures notifications via VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiKey` SecretKeySelector	(Optional) The secret’s key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`apiUrl` string	(Optional) The VictorOps API URL.
`routingKey` string	(Optional) A key used to map the alert to a team.
`messageType` string	(Optional) Describes the behavior of the alert (CRITICAL, WARNING, INFO).
`entityDisplayName` string	(Optional) Contains summary of the alerted problem.
`stateMessage` string	(Optional) Contains long explanation of the alerted problem.
`monitoringTool` string	(Optional) The monitoring tool the state message is from.
`customFields` []KeyValue	(Optional) Additional custom fields for notification.
`httpConfig` HTTPConfig	(Optional) The HTTP client’s configuration.

WeChatConfig

(Appears on:Receiver)

WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`apiSecret` SecretKeySelector	(Optional) The secret’s key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`apiURL` string	(Optional) The WeChat API URL.
`corpID` string	(Optional) The corp id for authentication.
`agentID` string	(Optional)
`toUser` string	(Optional)
`toParty` string	(Optional)
`toTag` string	(Optional)
`message` string	API request data as defined by the WeChat API.
`messageType` string	(Optional)
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.

WebhookConfig

(Appears on:Receiver)

WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config

Field	Description
`sendResolved` bool	(Optional) Whether or not to notify about resolved alerts.
`url` string	(Optional) The URL to send HTTP POST requests to. `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` should be defined.
`urlSecret` SecretKeySelector	(Optional) The secret’s key that contains the webhook URL to send HTTP requests to. `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` should be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
`httpConfig` HTTPConfig	(Optional) HTTP client configuration.
`maxAlerts` int32	(Optional) Maximum number of alerts to be sent per webhook message. When 0, all alerts are included.

Weekday (`string` alias)

Weekday is day of the week

Value	Description
"friday"
"monday"
"saturday"
"sunday"
"thursday"
"tuesday"
"wednesday"

WeekdayRange (`string` alias)

(Appears on:TimePeriod)

WeekdayRange is an inclusive range of days of the week beginning on Sunday Days can be specified by name (e.g ‘Sunday’) or as an inclusive range (e.g ‘Monday:Friday’)

YearRange (`string` alias)

(Appears on:TimePeriod)

YearRange is an inclusive range of years

455 KiB Raw Blame History Unescape Escape

monitoring.coreos.com/v1

Alertmanager

PodMonitor

Probe

Prometheus

PrometheusRule

ServiceMonitor

ThanosRuler

APIServerConfig

AlertingSpec

AlertmanagerConfigMatcherStrategy

AlertmanagerConfiguration

AlertmanagerEndpoints

AlertmanagerGlobalConfig

AlertmanagerSpec

AlertmanagerStatus

AlertmanagerWebSpec

ArbitraryFSAccessThroughSMsConfig

Argument

AttachMetadata

Authorization

AuthorizationValidationError

BasicAuth

ByteSize (string alias)

CommonPrometheusFields

Condition

ConditionStatus (string alias)

ConditionType (string alias)

Duration (string alias)

EmbeddedObjectMetadata

EmbeddedPersistentVolumeClaim

Endpoint

Exemplars

GoDuration (string alias)

HTTPConfig

HostAlias

LabelName (string alias)

MetadataConfig

NamespaceSelector

OAuth2

OAuth2ValidationError

ObjectReference

PodMetricsEndpoint

PodMetricsEndpointTLSConfig

PodMonitorSpec

ProbeSpec

ProbeTLSConfig

ProbeTargetIngress

ProbeTargetStaticConfig

ProbeTargets

ProbeTargetsValidationError

ProberSpec

PrometheusRuleExcludeConfig

PrometheusRuleSpec

PrometheusSpec

PrometheusStatus

PrometheusWebSpec

QuerySpec

QueueConfig

RelabelConfig

RemoteReadSpec

RemoteWriteSpec

Rule

RuleGroup

Rules

RulesAlert

SafeAuthorization

SafeTLSConfig

SecretOrConfigMap

SecretOrConfigMapValidationError

ServiceMonitorSpec

ShardStatus

Sigv4

StorageSpec

TLSConfig

TLSConfigValidationError

TSDBSpec

ThanosRulerSpec

ThanosRulerStatus

455 KiB

Raw Blame History

ByteSize (`string` alias)

ConditionStatus (`string` alias)

ConditionType (`string` alias)

Duration (`string` alias)

GoDuration (`string` alias)

LabelName (`string` alias)

MatchType (`string` alias)

Month (`string` alias)

MonthRange (`string` alias)

Time (`string` alias)

Weekday (`string` alias)

WeekdayRange (`string` alias)

YearRange (`string` alias)

MatchType (`string` alias)

Month (`string` alias)

MonthRange (`string` alias)