Red Hat SummitDieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 15. Config map reference for the Cluster Monitoring Operator
15.1. Cluster Monitoring Operator configuration reference
Parts of OpenShift Container Platform cluster monitoring are configurable. The API is accessible by setting parameters defined in various config maps.
-
To configure monitoring components, edit the object named
ConfigMapin thecluster-monitoring-confignamespace. These configurations are defined by ClusterMonitoringConfiguration.openshift-monitoring -
To configure monitoring components that monitor user-defined projects, edit the object named
ConfigMapin theuser-workload-monitoring-confignamespace. These configurations are defined by UserWorkloadConfiguration.openshift-user-workload-monitoring
The configuration file is always defined under the
config.yaml- Not all configuration parameters for the monitoring stack are exposed. Only the parameters and fields listed in this reference are supported for configuration. For more information about supported configurations, see Maintenance and support for monitoring.
- Configuring cluster monitoring is optional.
- If a configuration does not exist or is empty, default values are used.
-
If the configuration is invalid YAML data, the Cluster Monitoring Operator stops reconciling the resources and reports in the status conditions of the Operator.
Degraded=True
15.2. AdditionalAlertmanagerConfig
15.2.1. Description
The
AdditionalAlertmanagerConfig15.2.2. Required
-
apiVersion
Appears in: PrometheusK8sConfig, PrometheusRestrictedConfig, ThanosRulerConfig
| Property | Type | Description |
|---|---|---|
| apiVersion | string | Defines the API version of Alertmanager. Possible values are |
| bearerToken | *v1.SecretKeySelector | Defines the secret key reference containing the bearer token to use when authenticating to Alertmanager. |
| pathPrefix | string | Defines the path prefix to add in front of the push endpoint path. |
| scheme | string | Defines the URL scheme to use when communicating with Alertmanager instances. Possible values are |
| staticConfigs | []string | A list of statically configured Alertmanager endpoints in the form of |
| timeout | *string | Defines the timeout value used when sending alerts. |
| tlsConfig | Defines the TLS settings to use for Alertmanager connections. |
15.3. AlertmanagerMainConfig
15.3.1. Description
The
AlertmanagerMainConfigopenshift-monitoringAppears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| enabled | *bool | A Boolean flag that enables or disables the main Alertmanager instance in the |
| enableUserAlertmanagerConfig | bool | A Boolean flag that enables or disables user-defined namespaces to be selected for |
| logLevel | string | Defines the log level setting for Alertmanager. The possible values are: |
| nodeSelector | map[string]string | Defines the nodes on which the Pods are scheduled. |
| resources | *v1.ResourceRequirements | Defines resource requests and limits for the Alertmanager container. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
| topologySpreadConstraints | []v1.TopologySpreadConstraint | Defines a pod’s topology spread constraints. |
| volumeClaimTemplate | *monv1.EmbeddedPersistentVolumeClaim | Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. |
15.4. AlertmanagerUserWorkloadConfig
15.4.1. Description
The
AlertmanagerUserWorkloadConfigAppears in: UserWorkloadConfiguration
| Property | Type | Description |
|---|---|---|
| enabled | bool | A Boolean flag that enables or disables a dedicated instance of Alertmanager for user-defined alerts in the |
| enableAlertmanagerConfig | bool | A Boolean flag to enable or disable user-defined namespaces to be selected for |
| logLevel | string | Defines the log level setting for Alertmanager for user workload monitoring. The possible values are |
| resources | *v1.ResourceRequirements | Defines resource requests and limits for the Alertmanager container. |
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
| volumeClaimTemplate | *monv1.EmbeddedPersistentVolumeClaim | Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size and name. |
15.5. ClusterMonitoringConfiguration
15.5.1. Description
The
ClusterMonitoringConfigurationcluster-monitoring-configopenshift-monitoring| Property | Type | Description |
|---|---|---|
| alertmanagerMain |
| |
| enableUserWorkload | *bool |
|
| k8sPrometheusAdapter |
| |
| kubeStateMetrics |
| |
| prometheusK8s |
| |
| prometheusOperator |
| |
| openshiftStateMetrics |
| |
| telemeterClient |
| |
| thanosQuerier |
|
15.6. DedicatedServiceMonitors
15.6.1. Description
You can use the
DedicatedServiceMonitorsAppears in: K8sPrometheusAdapter
| Property | Type | Description |
|---|---|---|
| enabled | bool | When |
15.7. K8sPrometheusAdapter
15.7.1. Description
The
K8sPrometheusAdapterAppears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| audit | *Audit | Defines the audit configuration used by the Prometheus Adapter instance. Possible profile values are: |
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
| dedicatedServiceMonitors | Defines dedicated service monitors. |
15.8. KubeStateMetricsConfig
15.8.1. Description
The
KubeStateMetricsConfigkube-state-metricsAppears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
15.9. OpenShiftStateMetricsConfig
15.9.1. Description
The
OpenShiftStateMetricsConfigopenshift-state-metricsAppears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
15.10. PrometheusK8sConfig
15.10.1. Description
The
PrometheusK8sConfigAppears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| additionalAlertmanagerConfigs | Configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured. | |
| enforcedBodySizeLimit | string | Enforces a body size limit for Prometheus scraped metrics. If a scraped target’s body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as |
| externalLabels | map[string]string | Defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added. |
| logLevel | string | Defines the log level setting for Prometheus. The possible values are: |
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| queryLogFile | string | Specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an |
| remoteWrite | Defines the remote write configuration, including URL, authentication, and relabeling settings. | |
| resources | *v1.ResourceRequirements | Defines resource requests and limits for the Prometheus container. |
| retention | string | Defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: |
| retentionSize | string | Defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
| topologySpreadConstraints | []v1.TopologySpreadConstraint | Defines the pod’s topology spread constraints. |
| volumeClaimTemplate | *monv1.EmbeddedPersistentVolumeClaim | Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size and name. |
15.11. PrometheusOperatorConfig
15.11.1. Description
The
PrometheusOperatorConfigAppears in: ClusterMonitoringConfiguration, UserWorkloadConfiguration
| Property | Type | Description |
|---|---|---|
| logLevel | string | Defines the log level settings for Prometheus Operator. The possible values are |
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
15.12. PrometheusRestrictedConfig
15.12.1. Description
The
PrometheusRestrictedConfigAppears in: UserWorkloadConfiguration
| Property | Type | Description |
|---|---|---|
| additionalAlertmanagerConfigs | Configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured. | |
| enforcedLabelLimit | *uint64 | Specifies a per-scrape limit on the number of labels accepted for a sample. If the number of labels exceeds this limit after metric relabeling, the entire scrape is treated as failed. The default value is |
| enforcedLabelNameLengthLimit | *uint64 | Specifies a per-scrape limit on the length of a label name for a sample. If the length of a label name exceeds this limit after metric relabeling, the entire scrape is treated as failed. The default value is |
| enforcedLabelValueLengthLimit | *uint64 | Specifies a per-scrape limit on the length of a label value for a sample. If the length of a label value exceeds this limit after metric relabeling, the entire scrape is treated as failed. The default value is |
| enforcedSampleLimit | *uint64 | Specifies a global limit on the number of scraped samples that will be accepted. This setting overrides the |
| enforcedTargetLimit | *uint64 | Specifies a global limit on the number of scraped targets. This setting overrides the |
| externalLabels | map[string]string | Defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added. |
| logLevel | string | Defines the log level setting for Prometheus. The possible values are |
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| queryLogFile | string | Specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an |
| remoteWrite | Defines the remote write configuration, including URL, authentication, and relabeling settings. | |
| resources | *v1.ResourceRequirements | Defines resource requests and limits for the Prometheus container. |
| retention | string | Defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: |
| retentionSize | string | Defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
| volumeClaimTemplate | *monv1.EmbeddedPersistentVolumeClaim | Defines persistent storage for Prometheus. Use this setting to configure the storage class and size of a volume. |
15.13. RemoteWriteSpec
15.13.1. Description
The
RemoteWriteSpec15.13.2. Required
-
url
Appears in: PrometheusK8sConfig, PrometheusRestrictedConfig
| Property | Type | Description |
|---|---|---|
| authorization | *monv1.SafeAuthorization | Defines the authorization settings for remote write storage. |
| basicAuth | *monv1.BasicAuth | Defines basic authentication settings for the remote write endpoint URL. |
| bearerTokenFile | string | Defines the file that contains the bearer token for the remote write endpoint. However, because you cannot mount secrets in a pod, in practice you can only reference the token of the service account. |
| headers | map[string]string | Specifies the custom HTTP headers to be sent along with each remote write request. Headers set by Prometheus cannot be overwritten. |
| metadataConfig | *monv1.MetadataConfig | Defines settings for sending series metadata to remote write storage. |
| name | string | Defines the name of the remote write queue. This name is used in metrics and logging to differentiate queues. If specified, this name must be unique. |
| oauth2 | *monv1.OAuth2 | Defines OAuth2 authentication settings for the remote write endpoint. |
| proxyUrl | string | Defines an optional proxy URL. |
| queueConfig | *monv1.QueueConfig | Allows tuning configuration for remote write queue parameters. |
| remoteTimeout | string | Defines the timeout value for requests to the remote write endpoint. |
| sigv4 | *monv1.Sigv4 | Defines AWS Signature Version 4 authentication settings. |
| tlsConfig | *monv1.SafeTLSConfig | Defines TLS authentication settings for the remote write endpoint. |
| url | string | Defines the URL of the remote write endpoint to which samples will be sent. |
| writeRelabelConfigs | []monv1.RelabelConfig | Defines the list of remote write relabel configurations. |
15.14. TelemeterClientConfig
15.14.1. Description
The
TelemeterClientConfigtelemeter-client15.14.2. Required
-
nodeSelector -
tolerations
Appears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
15.15. ThanosQuerierConfig
15.15.1. Description
The
ThanosQuerierConfigAppears in: ClusterMonitoringConfiguration
| Property | Type | Description |
|---|---|---|
| enableRequestLogging | bool | A Boolean flag that enables or disables request logging. The default value is |
| logLevel | string | Defines the log level setting for Thanos Querier. The possible values are |
| nodeSelector | map[string]string | Defines the nodes on which the pods are scheduled. |
| resources | *v1.ResourceRequirements | Defines resource requests and limits for the Thanos Querier container. |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
15.16. ThanosRulerConfig
15.16.1. Description
The
ThanosRulerConfigAppears in: UserWorkloadConfiguration
| Property | Type | Description |
|---|---|---|
| additionalAlertmanagerConfigs | Configures how the Thanos Ruler component communicates with additional Alertmanager instances. The default value is | |
| logLevel | string | Defines the log level setting for Thanos Ruler. The possible values are |
| nodeSelector | map[string]string | Defines the nodes on which the Pods are scheduled. |
| resources | *v1.ResourceRequirements | Defines resource requests and limits for the Thanos Ruler container. |
| retention | string | Defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: |
| tolerations | []v1.Toleration | Defines tolerations for the pods. |
| topologySpreadConstraints | []v1.TopologySpreadConstraint | Defines topology spread constraints for the pods. |
| volumeClaimTemplate | *monv1.EmbeddedPersistentVolumeClaim | Defines persistent storage for Thanos Ruler. Use this setting to configure the storage class and size of a volume. |
15.17. TLSConfig
15.17.1. Description
The
TLSConfig15.17.2. Required
-
insecureSkipVerify
Appears in: AdditionalAlertmanagerConfig
| Property | Type | Description |
|---|---|---|
| ca | *v1.SecretKeySelector | Defines the secret key reference containing the Certificate Authority (CA) to use for the remote host. |
| cert | *v1.SecretKeySelector | Defines the secret key reference containing the public certificate to use for the remote host. |
| key | *v1.SecretKeySelector | Defines the secret key reference containing the private key to use for the remote host. |
| serverName | string | Used to verify the hostname on the returned certificate. |
| insecureSkipVerify | bool | When set to |
15.18. UserWorkloadConfiguration
15.18.1. Description
The
UserWorkloadConfigurationuser-workload-monitoring-configopenshift-user-workload-monitoringUserWorkloadConfigurationenableUserWorkloadtruecluster-monitoring-configopenshift-monitoring| Property | Type | Description |
|---|---|---|
| alertmanager | Defines the settings for the Alertmanager component in user workload monitoring. | |
| prometheus | Defines the settings for the Prometheus component in user workload monitoring. | |
| prometheusOperator | Defines the settings for the Prometheus Operator component in user workload monitoring. | |
| thanosRuler | Defines the settings for the Thanos Ruler component in user workload monitoring. |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}