@@ -89,6 +89,12 @@ type ClusterMonitoringSpec struct {
8989 // The current default value is `DefaultConfig`.
9090 // +optional
9191 AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"`
92+ // prometheusK8sConfig provides configuration options for the Prometheus instance
93+ // Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.
94+ // prometheusK8sConfig is optional.
95+ // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.
96+ // +optional
97+ PrometheusK8sConfig PrometheusK8sConfig `json:"prometheusK8sConfig,omitempty,omitzero"`
9298 // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace.
9399 // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity.
94100 // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.
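Review bot: The doc comment added for `prometheusK8sConfig` runs two sentences together: "provides configuration options for the Prometheus instance" is followed directly by "Prometheus deployment, pod scheduling, resource allocation, ..." with no period and no verb. The comment on the `PrometheusK8sConfig` type in the next hunk has the missing clause, so the field comment should read `// prometheusK8sConfig provides configuration options for the Prometheus instance.` followed by `// Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.`. This text is likely to end up in the generated CRD description, so the break is worth fixing here rather than later.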
@@ -416,6 +422,243 @@ type MetricsServerConfig struct {
416422 TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
417423}
418424
425+ // PrometheusK8sConfig provides configuration options for the Prometheus instance
426+ // Use this configuration to control
427+ // Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.
428+ // +kubebuilder:validation:MinProperties=1
429+ type PrometheusK8sConfig struct {
430+ // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from
431+ // the Prometheus component. By default, no additional Alertmanager instances are configured.
432+ // +optional
433+ // +kubebuilder:validation:MaxItems=10
434+ // +listType=atomic
435+ AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"`
436+ // enforcedBodySizeLimit enforces a body size limit for Prometheus scraped metrics. If a scraped
437+ // target's body response is larger than the limit, the scrape will fail.
438+ // The following values are valid:
439+ // an empty value to specify no limit,
440+ // a numeric value in Prometheus size format (such as `64MB`), or
441+ // the string `automatic`, which indicates that the limit will be
442+ // automatically calculated based on cluster capacity.
443+ // The default value is empty, which indicates no limit.
444+ // +optional
445+ // +kubebuilder:validation:MaxLength=50
446+ EnforcedBodySizeLimit * string `json:"enforcedBodySizeLimit,omitempty"`
447+ // externalLabels defines labels to be added to any time series or alerts when
448+ // communicating with external systems such as federation, remote storage,
449+ // and Alertmanager. By default, no labels are added.
450+ // +optional
451+ ExternalLabels ExternalLabels `json:"externalLabels,omitempty,omitzero"`
452+ // logLevel defines the log level setting for Prometheus.
453+ // The possible values are: `error`, `warn`, `info`, and `debug`.
454+ // The default value is `info`.
455+ // +optional
456+ // +kubebuilder:validation:MaxLength=10
457+ LogLevel * string `json:"logLevel,omitempty"`
458+ // nodeSelector defines the nodes on which the Pods are scheduled.
459+ // +optional
460+ // +kubebuilder:validation:MinProperties=1
461+ // +kubebuilder:validation:MaxProperties=10
462+ NodeSelector map [string ]string `json:"nodeSelector,omitempty"`
463+ // queryLogFile specifies the file to which PromQL queries are logged.
464+ // This setting can be either a filename, in which
465+ // case the queries are saved to an `emptyDir` volume
466+ // at `/var/log/prometheus`, or a full path to a location where
467+ // an `emptyDir` volume will be mounted and the queries saved.
468+ // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but
469+ // writing to any other `/dev/` path is not supported. Relative paths are
470+ // also not supported.
471+ // By default, PromQL queries are not logged.
472+ // +optional
473+ // +kubebuilder:validation:MaxLength=255
474+ QueryLogFile * string `json:"queryLogFile,omitempty"`
475+ // remoteWrite defines the remote write configuration, including URL, authentication,
476+ // and relabeling settings.
477+ // +optional
478+ // +kubebuilder:validation:MaxItems=10
479+ // +listType=atomic
480+ RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"`
481+ // resources defines resource requests and limits for the Prometheus container.
482+ // +optional
483+ // +kubebuilder:validation:MaxItems=10
484+ // +listType=map
485+ // +listMapKey=name
486+ Resources []ContainerResource `json:"resources,omitempty"`
487+ // retention defines the duration for which Prometheus retains data.
488+ // This definition must be specified using the following regular
489+ // expression pattern: `[0-9]+(ms|s|m|h|d|w|y)` (ms = milliseconds,
490+ // s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years).
491+ // The default value is `15d`.
492+ // +optional
493+ // +kubebuilder:validation:MaxLength=20
494+ Retention * string `json:"retention,omitempty"`
495+ // retentionSize defines the maximum amount of disk space used by data blocks plus the
496+ // write-ahead log (WAL).
497+ // Supported values are `B`, `KB`, `KiB`, `MB`, `MiB`, `GB`, `GiB`, `TB`,
498+ // `TiB`, `PB`, `PiB`, `EB`, and `EiB`.
499+ // By default, no limit is defined.
500+ // +optional
501+ // +kubebuilder:validation:MaxLength=20
502+ RetentionSize * string `json:"retentionSize,omitempty"`
503+ // tolerations defines tolerations for the pods.
504+ // +optional
505+ // +kubebuilder:validation:MaxItems=10
506+ // +kubebuilder:validation:MinItems=1
507+ // +listType=atomic
508+ Tolerations []v1.Toleration `json:"tolerations,omitempty"`
509+ // topologySpreadConstraints defines the pod's topology spread constraints.
510+ // +optional
511+ // +kubebuilder:validation:MaxItems=10
512+ // +kubebuilder:validation:MinItems=1
513+ // +listType=map
514+ // +listMapKey=topologyKey
515+ // +listMapKey=whenUnsatisfiable
516+ TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
517+ // collectionProfile defines the metrics collection profile that Prometheus uses to collect
518+ // metrics from the platform components. Supported values are `full` or
519+ // `minimal`. In the `full` profile (default), Prometheus collects all
520+ // metrics that are exposed by the platform components. In the `minimal`
521+ // profile, Prometheus only collects metrics necessary for the default
522+ // platform alerts, recording rules, telemetry and console dashboards.
523+ // +optional
524+ CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"`
525+ // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to
526+ // configure the persistent volume claim, including storage class,
527+ // volume size and name.
528+ // +optional
529+ VolumeClaimTemplate * v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"`
530+ }
531+
532+ // AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances.
533+ // The `AdditionalAlertmanagerConfig` resource defines settings for how a
534+ // component communicates with additional Alertmanager instances.
535+ type AdditionalAlertmanagerConfig struct {
536+ // apiVersion defines the API version of Alertmanager.
537+ // `v1` is no longer supported, `v2` is set as the default value.
538+ // +required
539+ // +kubebuilder:validation:MaxLength=10
540+ APIVersion * string `json:"apiVersion,omitempty"`
541+ // bearerToken defines the secret key reference containing the bearer token
542+ // to use when authenticating to Alertmanager.
543+ // +optional
544+ BearerToken * v1.SecretKeySelector `json:"bearerToken,omitempty"`
545+ // pathPrefix defines the path prefix to add in front of the push endpoint path.
546+ // +optional
547+ // +kubebuilder:validation:MaxLength=255
548+ PathPrefix * string `json:"pathPrefix,omitempty"`
549+ // scheme defines the URL scheme to use when communicating with Alertmanager
550+ // instances.
551+ // Possible values are `http` or `https`. The default value is `http`.
552+ // +optional
553+ // +kubebuilder:validation:MaxLength=10
554+ Scheme * string `json:"scheme,omitempty"`
555+ // staticConfigs is a list of statically configured Alertmanager endpoints in the form
556+ // of `<hosts>:<port>`.
557+ // +optional
558+ // +kubebuilder:validation:MaxItems=10
559+ // +kubebuilder:validation:items:MaxLength=255
560+ // +listType=set
561+ StaticConfigs []string `json:"staticConfigs,omitempty"`
562+ // timeout defines the timeout value used when sending alerts.
563+ // +optional
564+ // +kubebuilder:validation:MaxLength=20
565+ Timeout * string `json:"timeout,omitempty"`
566+ // tlsConfig defines the TLS settings to use for Alertmanager connections.
567+ // +optional
568+ TLSConfig * TLSConfig `json:"tlsConfig,omitempty"`
569+ }
570+
571+ // ExternalLabels represents labels to be added to time series and alerts.
572+ type ExternalLabels struct {
573+ // labels is a map of label names to label values.
574+ // +required
575+ Labels map [string ]string `json:"labels,omitempty"`
576+ }
577+
578+ // RemoteWriteSpec represents configuration for remote write endpoints.
579+ type RemoteWriteSpec struct {
580+ // url is the URL of the remote write endpoint.
581+ // +required
582+ // +kubebuilder:validation:MaxLength=2048
583+ URL * string `json:"url,omitempty"`
584+ // name is the name of the remote write configuration.
585+ // +optional
586+ // +kubebuilder:validation:MaxLength=63
587+ Name * string `json:"name,omitempty"`
588+ // remoteTimeout is the timeout for requests to the remote write endpoint.
589+ // +optional
590+ // +kubebuilder:validation:MaxLength=20
591+ RemoteTimeout * string `json:"remoteTimeout,omitempty"`
592+ // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint.
593+ // +optional
594+ // +kubebuilder:validation:MaxItems=10
595+ // +listType=atomic
596+ WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"`
597+ }
598+
599+ // RelabelConfig represents a relabeling rule.
600+ type RelabelConfig struct {
601+ // sourceLabels is a list of source label names.
602+ // +optional
603+ // +kubebuilder:validation:MaxItems=10
604+ // +kubebuilder:validation:items:MaxLength=63
605+ // +listType=set
606+ SourceLabels []string `json:"sourceLabels,omitempty"`
607+ // separator is the separator used to join source label values.
608+ // +optional
609+ // +kubebuilder:validation:MaxLength=10
610+ Separator * string `json:"separator,omitempty"`
611+ // regex is the regular expression to match against the concatenated source label values.
612+ // +optional
613+ // +kubebuilder:validation:MaxLength=1000
614+ Regex * string `json:"regex,omitempty"`
615+ // targetLabel is the target label name.
616+ // +optional
617+ // +kubebuilder:validation:MaxLength=63
618+ TargetLabel * string `json:"targetLabel,omitempty"`
619+ // replacement is the replacement value for the target label.
620+ // +optional
621+ // +kubebuilder:validation:MaxLength=255
622+ Replacement * string `json:"replacement,omitempty"`
623+ // action is the action to perform.
624+ // +optional
625+ // +kubebuilder:validation:MaxLength=20
626+ Action * string `json:"action,omitempty"`
627+ }
628+
629+ // TLSConfig represents TLS configuration for Alertmanager connections.
630+ type TLSConfig struct {
631+ // ca is the CA certificate to use for TLS connections.
632+ // +optional
633+ CA * v1.SecretKeySelector `json:"ca,omitempty"`
634+ // cert is the client certificate to use for TLS connections.
635+ // +optional
636+ Cert * v1.SecretKeySelector `json:"cert,omitempty"`
637+ // key is the client key to use for TLS connections.
638+ // +optional
639+ Key * v1.SecretKeySelector `json:"key,omitempty"`
640+ // serverName is the server name to use for TLS connections.
641+ // +optional
642+ // +kubebuilder:validation:MaxLength=253
643+ ServerName * string `json:"serverName,omitempty"`
644+ // insecureSkipVerify determines whether to skip TLS certificate verification.
645+ // +optional
646+ // +kubebuilder:validation:Enum=true;false
647+ InsecureSkipVerify string `json:"insecureSkipVerify,omitempty"`
648+ }
649+
650+ // CollectionProfile defines the metrics collection profile for Prometheus.
651+ // +kubebuilder:validation:Enum=full;minimal
652+ type CollectionProfile string
653+
654+ const (
655+ // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components.
656+ CollectionProfileFull CollectionProfile = "full"
657+ // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default
658+ // platform alerts, recording rules, telemetry and console dashboards.
659+ CollectionProfileMinimal CollectionProfile = "minimal"
660+ )
661+
419662// AuditProfile defines the audit log level for the Metrics Server.
420663// +kubebuilder:validation:Enum=None;Metadata;Request;RequestResponse
421664type AuditProfile string
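Review bot: In `TLSConfig`, `insecureSkipVerify` is a plain `string` limited to `true;false`, and its comment gives neither a default nor what an omitted value means, so the schema does not say whether verification is on when the field is absent. The comment should state the default and that `true` disables server certificate verification on the connection that carries `bearerToken`. In `AdditionalAlertmanagerConfig`, `scheme` documents `http` or `https` with `http` as the default but is only bounded by `MaxLength=10`; adding `// +kubebuilder:validation:Enum=http;https` would enforce the documented set, and the comment could note that with `http` the token and alerts are presumably sent unencrypted. The same gap between documented and enforced values shows on `logLevel`, `retention` and the path rules of `queryLogFile`, which carry only `MaxLength`. Separately, `apiVersion` is marked `+required` while its comment describes a default, and the `remoteWrite` comment mentions authentication although `RemoteWriteSpec` as added here has no authentication or TLS fields.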