# yaml-language-server: $schema=values.schema.json # Default values for prometheus. # This is a YAML-formatted file. # Declare variables to be passed into your templates. rbac: create: false ## Define serviceAccount names for components. Defaults to component's fully qualified name. ## serviceAccounts: server: create: false name: "vault" ## Opt out of automounting Kubernetes API credentials. ## It will be overriden by server.automountServiceAccountToken value, if set. automountServiceAccountToken: true ## Monitors ConfigMap changes and POSTs to a URL ## Ref: https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader ## configmapReload: prometheus: ## If false, the configmap-reload container will not be deployed ## enabled: false server: ## Prometheus server container name ## name: server ## Opt out of automounting Kubernetes API credentials. ## If set it will override serviceAccounts.server.automountServiceAccountToken value for ServiceAccount. automountServiceAccountToken: true ## Prometheus server container image ## image: repository: harbor.avroid.tech/quay-proxy/prometheus/prometheus ## External URL which can access prometheus ## Maybe same with Ingress host name baseURL: "cloud-k8s-prometheus.avroid.tech" ## Additional server container environment variables ## ## You specify this manually like you would a raw deployment manifest. ## This means you can bind in environment variables from secrets. ## ## e.g. static environment variable: ## - name: DEMO_GREETING ## value: "Hello from the environment" ## ## e.g. secret environment variable: ## - name: USERNAME ## valueFrom: ## secretKeyRef: ## name: mysecret ## key: username env: - name: CONSUL_SECRET valueFrom: secretKeyRef: name: prometheus-secret key: consul.secret ## Additional Prometheus server Secret mounts # Defines additional mounts with secrets. Secrets must be manually created in the namespace. extraSecretMounts: - name: consul-secret mountPath: /etc/secrets subPath: "consul-secret" secretName: prometheus-secret readOnly: true ingress: ## If true, Prometheus server Ingress will be created ## enabled: true # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress ingressClassName: nginx ## Prometheus server Ingress annotations ## annotations: kubernetes.io/ingress.class: nginx ## Prometheus server Ingress hostnames with optional path (passed through tpl) ## Must be provided if Ingress is enabled ## hosts: - cloud-k8s-prometheus.avroid.tech path: / # pathType is only for k8s >= 1.18 pathType: Prefix ## Node labels for Prometheus server pod assignment ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ ## nodeSelector: node-role.kubernetes.io/worker: "" persistentVolume: ## If true, Prometheus server will create/use a Persistent Volume Claim ## If false, use emptyDir ## enabled: false emptyDir: ## Prometheus server emptyDir volume size limit ## sizeLimit: "1Gi" ## Annotations to be added to Prometheus server pods ## podAnnotations: vault.security.banzaicloud.io/vault-addr: "https://vault.avroid.tech" vault.security.banzaicloud.io/vault-role: "cloud-prod" vault.security.banzaicloud.io/vault-skip-verify: "false" vault.security.banzaicloud.io/vault-path: "avroid-office" vault.security.banzaicloud.io/run-as-non-root: "true" vault.security.banzaicloud.io/run-as-user: "65534" vault.security.banzaicloud.io/run-as-group: "65534" ## Use a StatefulSet if replicaCount needs to be greater than 1 (see below) ## replicaCount: 1 ## Annotations to be added to deployment ## deploymentAnnotations: vault.security.banzaicloud.io/vault-addr: "https://vault.avroid.tech" vault.security.banzaicloud.io/vault-role: "cloud-prod" vault.security.banzaicloud.io/vault-skip-verify: "false" vault.security.banzaicloud.io/vault-path: "avroid-office" vault.security.banzaicloud.io/run-as-non-root: "true" vault.security.banzaicloud.io/run-as-user: "65534" vault.security.banzaicloud.io/run-as-group: "65534" ## Prometheus server resource requests and limits ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: requests: cpu: 500m memory: 512Mi limits: cpu: 750m memory: 768Mi ## Prometheus' data retention size. Supported units: B, KB, MB, GB, TB, PB, EB. ## retentionSize: "512MB" ## Prometheus server ConfigMap entries ## serverFiles: prometheus.yml: rule_files: - /etc/config/recording_rules.yml - /etc/config/alerting_rules.yml ## Below two files are DEPRECATED will be removed from this default values file - /etc/config/rules - /etc/config/alerts scrape_configs: - job_name: prometheus static_configs: - targets: - localhost:9090 - job_name: postgres_exporter consul_sd_configs: - server: consul.avroid.tech scheme: https datacenter: "avroid-office" tags: [ k8s_postgres_exporter ] services: [ monitoring_k8s_postgres_exporter ] authorization: credentials_file: /etc/secrets/consul-secret/consul_secret relabel_configs: - source_labels: [ __meta_consul_service_metadata_metrics_path ] target_label: __metrics_path__ - source_labels: [ __meta_consul_service_metadata_job_name ] target_label: job - source_labels: [ __meta_consul_service_metadata_auth_module ] target_label: __param_auth_module - source_labels: [ __meta_consul_service_metadata_ssl_mode ] target_label: __param_sslmode - source_labels: [ __address__,__meta_consul_service_metadata_db_name ] separator: "/" target_label: __param_target - source_labels: [ __meta_consul_node ] target_label: instance regex: "([^:]+).*" replacement: '${1}' - target_label: __address__ replacement: cloud-postgres-exporter-prometheus-postgres-exporter:9187 - job_name: redis_exporter consul_sd_configs: - server: consul.avroid.tech scheme: https datacenter: "avroid-office" tags: [ k8s_redis_exporter ] services: [ monitoring_k8s_redis_exporter ] authorization: credentials: /etc/secrets/consul-secret/consul_secret relabel_configs: - source_labels: [ __meta_consul_service_metadata_metrics_path ] target_label: __metrics_path__ - source_labels: [ __meta_consul_service_metadata_job_name ] target_label: job - source_labels: [ __address__ ] target_label: __param_target - source_labels: [ __meta_consul_node ] target_label: instance regex: "([^:]+).*" replacement: '${1}' - target_label: __address__ replacement: cloud-redis-exporter-prometheus-redis-exporter:9121 - job_name: patroni_exporter consul_sd_configs: - server: consul.avroid.tech scheme: https datacenter: "avroid-office" tags: [ k8s_patroni_exporter ] services: [ monitoring_k8s_patroni_exporter ] authorization: credentials: /etc/secrets/consul-secret/consul_secret relabel_configs: - source_labels: [ __meta_consul_service_metadata_metrics_path ] target_label: __metrics_path__ - source_labels: [ __meta_consul_service_metadata_job_name ] target_label: job - source_labels: [ __address__ ] target_label: __param_target - source_labels: [ __meta_consul_node ] target_label: instance regex: "([^:]+).*" replacement: '${1}' # Configuration of subcharts defined in Chart.yaml ## alertmanager sub-chart configurable values ## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/alertmanager ## alertmanager: ## If false, alertmanager will not be installed ## enabled: false ## kube-state-metrics sub-chart configurable values ## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics ## kube-state-metrics: ## If false, kube-state-metrics sub-chart will not be installed ## enabled: false ## prometheus-node-exporter sub-chart configurable values ## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter ## prometheus-node-exporter: ## If false, node-exporter will not be installed ## enabled: false ## prometheus-pushgateway sub-chart configurable values ## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-pushgateway ## prometheus-pushgateway: ## If false, pushgateway will not be installed ## enabled: false