Update prometheus chart to 15.10.1 (Prometheus 2.34.0)
Required to run on Kubernetes 1.22+.
Change-Id: I87f808c1b6b34c844fdc257fdbdf87813c543315
diff --git a/charts/prometheus/VERSION b/charts/prometheus/VERSION
index 4044f90..08aeefc 100644
--- a/charts/prometheus/VERSION
+++ b/charts/prometheus/VERSION
@@ -1 +1 @@
-12.0.0
+15.10.1
diff --git a/charts/prometheus/prometheus.yaml b/charts/prometheus/prometheus.yaml
index e21af18..6c6d6e6 100644
--- a/charts/prometheus/prometheus.yaml
+++ b/charts/prometheus/prometheus.yaml
@@ -50,12 +50,16 @@
##
image:
repository: quay.io/prometheus/alertmanager
- tag: v0.21.0
+ tag: v0.23.0
pullPolicy: IfNotPresent
## alertmanager priorityClassName
##
priorityClassName: ""
+ ## Custom HTTP headers for Readiness Probe
+ ##
+ ## Useful for providing HTTP Basic Auth to healthchecks
+ probeHeaders: []
## Additional alertmanager container arguments
##
@@ -87,6 +91,13 @@
# secretName: alertmanager-secret-files
# readOnly: true
+ ## Additional alertmanager Configmap mounts
+ extraConfigmapMounts: []
+ # - name: template-files
+ # mountPath: /etc/config/templates.d
+ # configMap: alertmanager-template-files
+ # readOnly: true
+
## ConfigMap override where fullname is {{.Release.Name}}-{{.Values.alertmanager.configMapOverrideName}}
## Defining configMapOverrideName will cause templates/alertmanager-configmap.yaml
## to NOT generate a ConfigMap resource
@@ -109,6 +120,10 @@
##
enabled: false
+ # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+ # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+ ingressClassName: nginx
+
## alertmanager Ingress annotations
##
annotations: {}
@@ -125,6 +140,10 @@
hosts: []
# - alertmanager.domain.com
# - domain.com/alertmanager
+ path: /
+
+ # pathType is only for k8s >= 1.18
+ pathType: Prefix
## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
extraPaths: []
@@ -226,6 +245,16 @@
##
subPath: ""
+ ## Persistent Volume Claim Selector
+ ## Useful if Persistent Volumes have been provisioned in advance
+ ## Ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector
+ ##
+ # selector:
+ # matchLabels:
+ # release: "stable"
+ # matchExpressions:
+ # - { key: environment, operator: In, values: [ dev ] }
+
emptyDir:
## alertmanager emptyDir volume size limit
##
@@ -299,6 +328,18 @@
cpu: 10m
memory: 32Mi
+ # Custom DNS configuration to be added to alertmanager pods
+ dnsConfig: {}
+ # nameservers:
+ # - 1.2.3.4
+ # searches:
+ # - ns1.svc.cluster-domain.example
+ # - my.dns.search.suffix
+ # options:
+ # - name: ndots
+ # value: "2"
+ # - name: edns0
+
## Security context to be added to alertmanager pods
##
securityContext:
@@ -307,6 +348,9 @@
runAsGroup: 65534
fsGroup: 65534
+ ## Security context to be added to alertmanager container
+ containerSecurityContext: {}
+
service:
annotations: {}
labels: {}
@@ -328,6 +372,10 @@
sessionAffinity: None
type: ClusterIP
+ ## List of initial peers
+ ## Ref: https://github.com/prometheus/alertmanager/blob/main/README.md#high-availability
+ clusterPeers: []
+
## Monitors ConfigMap changes and POSTs to a URL
## Ref: https://github.com/jimmidyson/configmap-reload
##
@@ -343,8 +391,11 @@
##
image:
repository: jimmidyson/configmap-reload
- tag: v0.4.0
+ tag: v0.5.0
pullPolicy: IfNotPresent
+
+ # containerPort: 9533
+
## Additional configmap-reload container arguments
##
extraArgs: {}
@@ -359,6 +410,10 @@
# subPath: ""
# configMap: prometheus-alerts
# readOnly: true
+
+ ## Security context to be added to configmap-reload container
+ containerSecurityContext: {}
+
## configmap-reload resource requests and limits
## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
@@ -374,8 +429,11 @@
##
image:
repository: jimmidyson/configmap-reload
- tag: v0.4.0
+ tag: v0.5.0
pullPolicy: IfNotPresent
+
+ # containerPort: 9533
+
## Additional configmap-reload container arguments
##
extraArgs: {}
@@ -390,6 +448,10 @@
# subPath: ""
# configMap: prometheus-alerts
# readOnly: true
+
+ ## Security context to be added to configmap-reload container
+ containerSecurityContext: {}
+
## configmap-reload resource requests and limits
## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
@@ -401,7 +463,7 @@
enabled: false
## kube-state-metrics sub-chart configurable values
-## Please see https://github.com/helm/charts/tree/master/stable/kube-state-metrics
+## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics
##
# kube-state-metrics:
@@ -418,6 +480,10 @@
##
hostPID: true
+ ## If true, node-exporter pods mounts host / at /host/root
+ ##
+ hostRootfs: true
+
## node-exporter container name
##
name: node-exporter
@@ -426,7 +492,7 @@
##
image:
repository: quay.io/prometheus/node-exporter
- tag: v1.0.1
+ tag: v1.3.0
pullPolicy: IfNotPresent
## Specify if a Pod Security Policy for node-exporter must be created
@@ -516,10 +582,28 @@
# cpu: 100m
# memory: 30Mi
+ container:
+ securityContext:
+ allowPrivilegeEscalation: false
+ # Custom DNS configuration to be added to node-exporter pods
+ dnsConfig: {}
+ # nameservers:
+ # - 1.2.3.4
+ # searches:
+ # - ns1.svc.cluster-domain.example
+ # - my.dns.search.suffix
+ # options:
+ # - name: ndots
+ # value: "2"
+ # - name: edns0
+
## Security context to be added to node-exporter pods
##
- securityContext: {}
- # runAsUser: 0
+ securityContext:
+ fsGroup: 65534
+ runAsGroup: 65534
+ runAsNonRoot: true
+ runAsUser: 65534
service:
annotations:
@@ -528,7 +612,7 @@
# Exposed as a headless service:
# https://kubernetes.io/docs/concepts/services-networking/service/#headless-services
- clusterIP: None
+ clusterIP: ""
## List of IP addresses at which the node-exporter service is available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
@@ -560,6 +644,13 @@
# - yournamespace
name: server
+
+ # sidecarContainers - add more containers to prometheus server
+ # Key/Value where Key is the sidecar `- name: <Key>`
+ # Example:
+ # sidecarContainers:
+ # webserver:
+ # image: nginx
sidecarContainers:
#@ for instance in data.values.gerritServers.other:
#@ if instance.healthcheck:
@@ -581,11 +672,23 @@
#@ end
#@ end
+ # sidecarTemplateValues - context to be used in template for sidecarContainers
+ # Example:
+ # sidecarTemplateValues: *your-custom-globals
+ # sidecarContainers:
+ # webserver: |-
+ # {{ include "webserver-container-template" . }}
+ # Template for `webserver-container-template` might looks like this:
+ # image: "{{ .Values.server.sidecarTemplateValues.repository }}:{{ .Values.server.sidecarTemplateValues.tag }}"
+ # ...
+ #
+ sidecarTemplateValues: {}
+
## Prometheus server container image
##
image:
repository: quay.io/prometheus/prometheus
- tag: v2.22.1
+ tag: v2.34.0
pullPolicy: IfNotPresent
## prometheus server priorityClassName
@@ -624,6 +727,11 @@
## key: username
env: []
+ # List of flags to override default parameters, e.g:
+ # - --enable-feature=agent
+ # - --storage.agent.retention.max-time=30m
+ defaultFlagsOverride: []
+
extraFlags:
- web.enable-lifecycle
## web.enable-admin-api flag controls access to the administrative HTTP API which includes functionality such as
@@ -639,6 +747,10 @@
## Path to a configuration file on prometheus server container FS
configPath: /etc/config/prometheus.yml
+ ### The data directory used by prometheus to set --storage.tsdb.path
+ ### When empty server.persistentVolume.mountPath is used instead
+ storagePath: ""
+
global:
## How frequently to scrape targets by default
##
@@ -656,6 +768,11 @@
##
remoteRead: []
+ ## Custom HTTP headers for Liveness/Readiness/Startup Probe
+ ##
+ ## Useful for providing HTTP Basic Auth to healthchecks
+ probeHeaders: []
+
## Additional Prometheus server container arguments
##
extraArgs: {}
@@ -707,10 +824,13 @@
##
enabled: #@ not data.values.istio.enabled
+ # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+ # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+ ingressClassName: nginx
+
## Prometheus server Ingress annotations
##
annotations:
- kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-secret: prometheus-basic-auth
nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required'
@@ -728,6 +848,11 @@
# - prometheus.domain.com
# - domain.com/prometheus
+ path: /
+
+ # pathType is only for k8s >= 1.18
+ pathType: Prefix
+
## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
extraPaths: []
# - path: /*
@@ -834,6 +959,16 @@
##
subPath: ""
+ ## Persistent Volume Claim Selector
+ ## Useful if Persistent Volumes have been provisioned in advance
+ ## Ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector
+ ##
+ # selector:
+ # matchLabels:
+ # release: "stable"
+ # matchExpressions:
+ # - { key: environment, operator: In, values: [ dev ] }
+
emptyDir:
## Prometheus server emptyDir volume size limit
##
@@ -900,16 +1035,23 @@
## Prometheus server readiness and liveness probe initial delay and timeout
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
##
+ tcpSocketProbeEnabled: false
+ probeScheme: HTTP
readinessProbeInitialDelay: 30
readinessProbePeriodSeconds: 5
- readinessProbeTimeout: 30
+ readinessProbeTimeout: 4
readinessProbeFailureThreshold: 3
readinessProbeSuccessThreshold: 1
livenessProbeInitialDelay: 30
livenessProbePeriodSeconds: 15
- livenessProbeTimeout: 30
+ livenessProbeTimeout: 10
livenessProbeFailureThreshold: 3
livenessProbeSuccessThreshold: 1
+ startupProbe:
+ enabled: false
+ periodSeconds: 5
+ failureThreshold: 30
+ timeoutSeconds: 10
## Prometheus server resource requests and limits
## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
@@ -922,6 +1064,17 @@
cpu: 500m
memory: 512Mi
+ # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+ # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+ ##
+ hostNetwork: false
+
+ # When hostNetwork is enabled, you probably want to set this to ClusterFirstWithHostNet
+ dnsPolicy: ClusterFirst
+
+ # Use hostPort
+ # hostPort: 9090
+
## Vertical Pod Autoscaler config
## Ref: https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler
verticalAutoscaler:
@@ -931,6 +1084,17 @@
# containerPolicies:
# - containerName: 'prometheus-server'
+ # Custom DNS configuration to be added to prometheus server pods
+ dnsConfig: {}
+ # nameservers:
+ # - 1.2.3.4
+ # searches:
+ # - ns1.svc.cluster-domain.example
+ # - my.dns.search.suffix
+ # options:
+ # - name: ndots
+ # value: "2"
+ # - name: edns0
## Security context to be added to server pods
##
securityContext:
@@ -939,7 +1103,14 @@
runAsGroup: 65534
fsGroup: 65534
+ ## Security context to be added to server container
+ containerSecurityContext: {}
+
service:
+ ## If false, no Service will be created for the Prometheus server
+ ##
+ enabled: true
+
annotations: {}
labels: {}
clusterIP: ""
@@ -975,6 +1146,25 @@
##
retention: "15d"
+ ## Array of extra Kubernetes manifests, in form of YAML object,
+ ## if you want to deploy
+ extraObjects: []
+ # - apiVersion: v1
+ # kind: ConfigMap
+ # metadata:
+ # name: '{{ template "prometheus.name" . }}-extra-config'
+
+ ## Array of extra Kubernetes manifest, in form of template string,
+ ## if you want to deploy
+ extraTemplates: []
+ # - |
+ # apiVersion: v1
+ # kind: ConfigMap
+ # metadata:
+ # name: extra-config
+ # labels:
+ # {{- include "prometheus.server.labels" . | nindent 4 }}
+
pushgateway:
## If false, pushgateway will not be installed
##
@@ -993,7 +1183,7 @@
##
image:
repository: prom/pushgateway
- tag: v1.3.0
+ tag: v1.4.2
pullPolicy: IfNotPresent
## pushgateway priorityClassName
@@ -1014,6 +1204,10 @@
##
enabled: false
+ # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+ # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+ ingressClassName: nginx
+
## pushgateway Ingress annotations
##
annotations: {}
@@ -1027,6 +1221,11 @@
# - pushgateway.domain.com
# - domain.com/pushgateway
+ path: /
+
+ # pathType is only for k8s >= 1.18
+ pathType: Prefix
+
## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
extraPaths: []
# - path: /*
@@ -1101,12 +1300,36 @@
# cpu: 10m
# memory: 32Mi
+ ## Vertical Pod Autoscaler config
+ ## Ref: https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler
+ verticalAutoscaler:
+ ## If true a VPA object will be created for the controller
+ enabled: false
+ # updateMode: "Auto"
+ # containerPolicies:
+ # - containerName: 'prometheus-pushgateway'
+
+ # Custom DNS configuration to be added to push-gateway pods
+ dnsConfig: {}
+ # nameservers:
+ # - 1.2.3.4
+ # searches:
+ # - ns1.svc.cluster-domain.example
+ # - my.dns.search.suffix
+ # options:
+ # - name: ndots
+ # value: "2"
+ # - name: edns0
+
## Security context to be added to push-gateway pods
##
securityContext:
runAsUser: 65534
runAsNonRoot: true
+ ## Security context to be added to push-gateway container
+ containerSecurityContext: {}
+
service:
annotations:
prometheus.io/probe: pushgateway
@@ -1199,6 +1422,9 @@
receiver: gerrit-admin
repeat_interval: 3h
+## Prometheus server ConfigMap entries for rule files (allow prometheus labels interpolation)
+ruleFiles: {}
+
## Prometheus server ConfigMap entries
##
serverFiles:
