Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 8. Config map reference for the Cluster Monitoring Operator

8.1. Cluster Monitoring Operator configuration reference
Link kopieren

Parts of OpenShift Container Platform cluster monitoring are configurable. The API is accessible by setting parameters defined in various config maps.

  • To configure monitoring components, edit the 
    ConfigMap
    object named 
    cluster-monitoring-config
    in the 
    openshift-monitoring
    namespace. These configurations are defined by ClusterMonitoringConfiguration.
  • To configure monitoring components that monitor user-defined projects, edit the 
    ConfigMap
    object named 
    user-workload-monitoring-config
    in the 
    openshift-user-workload-monitoring
    namespace. These configurations are defined by UserWorkloadConfiguration.

The configuration file is always defined under the 

config.yaml
key in the config map data.

Important
  • Not all configuration parameters for the monitoring stack are exposed. Only the parameters and fields listed in this reference are supported for configuration. For more information about supported configurations, see
  • Maintenance and support for monitoring
  • Configuring cluster monitoring is optional.
  • If a configuration does not exist or is empty, default values are used.
  • If the configuration is invalid YAML data, the Cluster Monitoring Operator stops reconciling the resources and reports 
    Degraded=True
    in the status conditions of the Operator.

8.2. AdditionalAlertmanagerConfig
Link kopieren

8.2.1. Description
Link kopieren

The 

AdditionalAlertmanagerConfig
resource defines settings for how a component communicates with additional Alertmanager instances.

8.2.2. Required
Link kopieren

  • apiVersion

Appears in: PrometheusK8sConfig, PrometheusRestrictedConfig, ThanosRulerConfig

Expand
PropertyTypeDescription

apiVersion

string

Defines the API version of Alertmanager. Possible values are 

v1
or 
v2
. The default is 
v2
.

bearerToken

*v1.SecretKeySelector

Defines the secret key reference containing the bearer token to use when authenticating to Alertmanager.

pathPrefix

string

Defines the path prefix to add in front of the push endpoint path.

scheme

string

Defines the URL scheme to use when communicating with Alertmanager instances. Possible values are 

http
or 
https
. The default value is 
http
.

staticConfigs

[]string

A list of statically configured Alertmanager endpoints in the form of 

<hosts>:<port>
.

timeout

*string

Defines the timeout value used when sending alerts.

tlsConfig

TLSConfig

Defines the TLS settings to use for Alertmanager connections.

8.3. AlertmanagerMainConfig
Link kopieren

8.3.1. Description
Link kopieren

The 

AlertmanagerMainConfig
resource defines settings for the Alertmanager component in the 
openshift-monitoring
namespace.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

enabled

*bool

A Boolean flag that enables or disables the main Alertmanager instance in the 

openshift-monitoring
namespace. The default value is 
true
.

enableUserAlertmanagerConfig

bool

A Boolean flag that enables or disables user-defined namespaces to be selected for 

AlertmanagerConfig
lookups. This setting only applies if the user workload monitoring instance of Alertmanager is not enabled. The default value is 
false
.

logLevel

string

Defines the log level setting for Alertmanager. The possible values are: 

error
, 
warn
, 
info
, 
debug
. The default value is 
info
.

nodeSelector

map[string]string

Defines the nodes on which the Pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the Alertmanager container.

secrets

[]string

Defines a list of secrets to be mounted into Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They are added as volumes named 

secret-<secret-name>
and mounted at 
/etc/alertmanager/secrets/<secret-name>
in the 
alertmanager
container of the Alertmanager pods.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines a pod’s topology spread constraints.

volumeClaimTemplate

*monv1.EmbeddedPersistentVolumeClaim

Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size, and name.

8.4. AlertmanagerUserWorkloadConfig
Link kopieren

8.4.1. Description
Link kopieren

The 

AlertmanagerUserWorkloadConfig
resource defines the settings for the Alertmanager instance used for user-defined projects.

Appears in: UserWorkloadConfiguration

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables a dedicated instance of Alertmanager for user-defined alerts in the 

openshift-user-workload-monitoring
namespace. The default value is 
false
.

enableAlertmanagerConfig

bool

A Boolean flag to enable or disable user-defined namespaces to be selected for 

AlertmanagerConfig
lookup. The default value is 
false
.

logLevel

string

Defines the log level setting for Alertmanager for user workload monitoring. The possible values are 

error
, 
warn
, 
info
, and 
debug
. The default value is 
info
.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the Alertmanager container.

secrets

[]string

Defines a list of secrets to be mounted into Alertmanager. The secrets must be located within the same namespace as the Alertmanager object. They are added as volumes named 

secret-<secret-name>
and mounted at 
/etc/alertmanager/secrets/<secret-name>
in the 
alertmanager
container of the Alertmanager pods.

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines a pod’s topology spread constraints.

volumeClaimTemplate

*monv1.EmbeddedPersistentVolumeClaim

Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size and name.

8.5. ClusterMonitoringConfiguration
Link kopieren

8.5.1. Description
Link kopieren

The 

ClusterMonitoringConfiguration
resource defines settings that customize the default platform monitoring stack through the 
cluster-monitoring-config
config map in the 
openshift-monitoring
namespace.

Expand
PropertyTypeDescription

alertmanagerMain

*AlertmanagerMainConfig 

AlertmanagerMainConfig
defines settings for the Alertmanager component in the 
openshift-monitoring
namespace.

enableUserWorkload

*bool 

UserWorkloadEnabled
is a Boolean flag that enables monitoring for user-defined projects.

k8sPrometheusAdapter

*K8sPrometheusAdapter 

K8sPrometheusAdapter
defines settings for the Prometheus Adapter component.

kubeStateMetrics

*KubeStateMetricsConfig 

KubeStateMetricsConfig
defines settings for the 
kube-state-metrics
agent.

prometheusK8s

*PrometheusK8sConfig 

PrometheusK8sConfig
defines settings for the Prometheus component.

prometheusOperator

*PrometheusOperatorConfig 

PrometheusOperatorConfig
defines settings for the Prometheus Operator component.

prometheusOperatorAdmissionWebhook

*PrometheusOperatorAdmissionWebhookConfig 

PrometheusOperatorAdmissionWebhookConfig
defines settings for the admission webhook component of Prometheus Operator.

openshiftStateMetrics

*OpenShiftStateMetricsConfig 

OpenShiftMetricsConfig
defines settings for the 
openshift-state-metrics
agent.

telemeterClient

*TelemeterClientConfig 

TelemeterClientConfig
defines settings for the Telemeter Client component.

thanosQuerier

*ThanosQuerierConfig 

ThanosQuerierConfig
defines settings for the Thanos Querier component.

nodeExporter

NodeExporterConfig 

NodeExporterConfig
defines settings for the 
node-exporter
agent.

monitoringPlugin

*MonitoringPluginConfig 

MonitoringPluginConfig
defines settings for the monitoring 
console-plugin
component.

8.6. DedicatedServiceMonitors
Link kopieren

8.6.1. Description
Link kopieren

You can use the 

DedicatedServiceMonitors
resource to configure dedicated Service Monitors for the Prometheus Adapter

Appears in: K8sPrometheusAdapter

Expand
PropertyTypeDescription

enabled

bool

When 

enabled
is set to 
true
, the Cluster Monitoring Operator (CMO) deploys a dedicated Service Monitor that exposes the kubelet 
/metrics/resource
endpoint. This Service Monitor sets 
honorTimestamps: true
and only keeps metrics that are relevant for the pod resource queries of Prometheus Adapter. Additionally, Prometheus Adapter is configured to use these dedicated metrics. Overall, this feature improves the consistency of Prometheus Adapter-based CPU usage measurements used by, for example, the 
oc adm top pod
command or the Horizontal Pod Autoscaler.

8.7. K8sPrometheusAdapter
Link kopieren

8.7.1. Description
Link kopieren

The 

K8sPrometheusAdapter
resource defines settings for the Prometheus Adapter component.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

audit

*Audit

Defines the audit configuration used by the Prometheus Adapter instance. Possible profile values are: 

Metadata
, 
Request
, 
RequestResponse
, and 
None
. The default value is 
Metadata
.

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

PrometheusAdapter
container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines a pod’s topology spread constraints.

dedicatedServiceMonitors

*DedicatedServiceMonitors

Defines dedicated service monitors.

8.8. KubeStateMetricsConfig
Link kopieren

8.8.1. Description
Link kopieren

The 

KubeStateMetricsConfig
resource defines settings for the 
kube-state-metrics
agent.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

KubeStateMetrics
container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines a pod’s topology spread constraints.

8.9. PrometheusOperatorAdmissionWebhookConfig
Link kopieren

8.9.1. Description
Link kopieren

The 

PrometheusOperatorAdmissionWebhookConfig
resource defines settings for the admission webhook workload for Prometheus Operator.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

prometheus-operator-admission-webhook
container.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines a pod’s topology spread constraints.

8.10. MonitoringPluginConfig
Link kopieren

8.10.1. Description
Link kopieren

The 

MonitoringPluginConfig
resource defines settings for the web console plugin component in the 
openshift-monitoring
namespace.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

console-plugin
container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines a pod’s topology spread constraints.

8.11. NodeExporterCollectorBuddyInfoConfig
Link kopieren

8.11.1. Description
Link kopieren

The 

NodeExporterCollectorBuddyInfoConfig
resource works as an on/off switch for the 
buddyinfo
collector of the 
node-exporter
agent. By default, the 
buddyinfo
collector is disabled.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

buddyinfo
collector.

8.12. NodeExporterCollectorConfig
Link kopieren

8.12.1. Description
Link kopieren

The 

NodeExporterCollectorConfig
resource defines settings for individual collectors of the 
node-exporter
agent.

Appears in: NodeExporterConfig

Expand
PropertyTypeDescription

cpufreq

NodeExporterCollectorCpufreqConfig

Defines the configuration of the 

cpufreq
collector, which collects CPU frequency statistics. Disabled by default.

tcpstat

NodeExporterCollectorTcpStatConfig

Defines the configuration of the 

tcpstat
collector, which collects TCP connection statistics. Disabled by default.

netdev

NodeExporterCollectorNetDevConfig

Defines the configuration of the 

netdev
collector, which collects network devices statistics. Enabled by default.

netclass

NodeExporterCollectorNetClassConfig

Defines the configuration of the 

netclass
collector, which collects information about network devices. Enabled by default.

buddyinfo

NodeExporterCollectorBuddyInfoConfig

Defines the configuration of the 

buddyinfo
collector, which collects statistics about memory fragmentation from the 
node_buddyinfo_blocks
metric. This metric collects data from 
/proc/buddyinfo
. Disabled by default.

mountstats

NodeExporterCollectorMountStatsConfig

Defines the configuration of the 

mountstats
collector, which collects statistics about NFS volume I/O activities. Disabled by default.

ksmd

NodeExporterCollectorKSMDConfig

Defines the configuration of the 

ksmd
collector, which collects statistics from the kernel same-page merger daemon. Disabled by default.

processes

NodeExporterCollectorProcessesConfig

Defines the configuration of the 

processes
collector, which collects statistics from processes and threads running in the system. Disabled by default.

systemd

NodeExporterCollectorSystemdConfig

Defines the configuration of the 

systemd
collector, which collects statistics on the systemd daemon and its managed services. Disabled by default.

8.13. NodeExporterCollectorCpufreqConfig
Link kopieren

8.13.1. Description
Link kopieren

Use the 

NodeExporterCollectorCpufreqConfig
resource to enable or disable the 
cpufreq
collector of the 
node-exporter
agent. By default, the 
cpufreq
collector is disabled. Under certain circumstances, enabling the 
cpufreq
collector increases CPU usage on machines with many cores. If you enable this collector and have machines with many cores, monitor your systems closely for excessive CPU usage.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

cpufreq
collector.

8.14. NodeExporterCollectorKSMDConfig
Link kopieren

8.14.1. Description
Link kopieren

Use the 

NodeExporterCollectorKSMDConfig
resource to enable or disable the 
ksmd
collector of the 
node-exporter
agent. By default, the 
ksmd
collector is disabled.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

ksmd
collector.

8.15. NodeExporterCollectorMountStatsConfig
Link kopieren

8.15.1. Description
Link kopieren

Use the 

NodeExporterCollectorMountStatsConfig
resource to enable or disable the 
mountstats
collector of the 
node-exporter
agent. By default, the 
mountstats
collector is disabled. If you enable the collector, the following metrics become available: 
node_mountstats_nfs_read_bytes_total
, 
node_mountstats_nfs_write_bytes_total
, and 
node_mountstats_nfs_operations_requests_total
. Be aware that these metrics can have a high cardinality. If you enable this collector, closely monitor any increases in memory usage for the 
prometheus-k8s
pods.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

mountstats
collector.

8.16. NodeExporterCollectorNetClassConfig
Link kopieren

8.16.1. Description
Link kopieren

Use the 

NodeExporterCollectorNetClassConfig
resource to enable or disable the 
netclass
collector of the 
node-exporter
agent. By default, the 
netclass
collector is enabled. If you disable this collector, these metrics become unavailable: 
node_network_info
, 
node_network_address_assign_type
, 
node_network_carrier
, 
node_network_carrier_changes_total
, 
node_network_carrier_up_changes_total
, 
node_network_carrier_down_changes_total
, 
node_network_device_id
, 
node_network_dormant
, 
node_network_flags
, 
node_network_iface_id
, 
node_network_iface_link
, 
node_network_iface_link_mode
, 
node_network_mtu_bytes
, 
node_network_name_assign_type
, 
node_network_net_dev_group
, 
node_network_speed_bytes
, 
node_network_transmit_queue_length
, and 
node_network_protocol_type
.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

netclass
collector.

useNetlink

bool

A Boolean flag that activates the 

netlink
implementation of the 
netclass
collector. The default value is 
true
, which activates the 
netlink
mode. This implementation improves the performance of the 
netclass
collector.

8.17. NodeExporterCollectorNetDevConfig
Link kopieren

8.17.1. Description
Link kopieren

Use the 

NodeExporterCollectorNetDevConfig
resource to enable or disable the 
netdev
collector of the 
node-exporter
agent. By default, the 
netdev
collector is enabled. If disabled, these metrics become unavailable: 
node_network_receive_bytes_total
, 
node_network_receive_compressed_total
, 
node_network_receive_drop_total
, 
node_network_receive_errs_total
, 
node_network_receive_fifo_total
, 
node_network_receive_frame_total
, 
node_network_receive_multicast_total
, 
node_network_receive_nohandler_total
, 
node_network_receive_packets_total
, 
node_network_transmit_bytes_total
, 
node_network_transmit_carrier_total
, 
node_network_transmit_colls_total
, 
node_network_transmit_compressed_total
, 
node_network_transmit_drop_total
, 
node_network_transmit_errs_total
, 
node_network_transmit_fifo_total
, and 
node_network_transmit_packets_total
.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

netdev
collector.

8.18. NodeExporterCollectorProcessesConfig
Link kopieren

8.18.1. Description
Link kopieren

Use the 

NodeExporterCollectorProcessesConfig
resource to enable or disable the 
processes
collector of the 
node-exporter
agent. If the collector is enabled, the following metrics become available: 
node_processes_max_processes
, 
node_processes_pids
, 
node_processes_state
, 
node_processes_threads
, 
node_processes_threads_state
. The metric 
node_processes_state
and 
node_processes_threads_state
can have up to five series each, depending on the state of the processes and threads. The possible states of a process or a thread are: 
D
(UNINTERRUPTABLE_SLEEP), 
R
(RUNNING & RUNNABLE), 
S
(INTERRUPTABLE_SLEEP), 
T
(STOPPED), or 
Z
(ZOMBIE). By default, the 
processes
collector is disabled.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

processes
collector.

8.19. NodeExporterCollectorSystemdConfig
Link kopieren

8.19.1. Description
Link kopieren

Use the 

NodeExporterCollectorSystemdConfig
resource to enable or disable the 
systemd
collector of the 
node-exporter
agent. By default, the 
systemd
collector is disabled. If enabled, the following metrics become available: 
node_systemd_system_running
, 
node_systemd_units
, 
node_systemd_version
. If the unit uses a socket, it also generates the following metrics: 
node_systemd_socket_accepted_connections_total
, 
node_systemd_socket_current_connections
, 
node_systemd_socket_refused_connections_total
. You can use the 
units
parameter to select the 
systemd
units to be included by the 
systemd
collector. The selected units are used to generate the 
node_systemd_unit_state
metric, which shows the state of each 
systemd
unit. However, this metric’s cardinality might be high (at least five series per unit per node). If you enable this collector with a long list of selected units, closely monitor the 
prometheus-k8s
deployment for excessive memory usage. Note that the 
node_systemd_timer_last_trigger_seconds
metric is only shown if you have configured the value of the 
units
parameter as 
logrotate.timer
.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

systemd
collector.

units

[]string

A list of regular expression (regex) patterns that match systemd units to be included by the 

systemd
collector. By default, the list is empty, so the collector exposes no metrics for systemd units.

8.20. NodeExporterCollectorTcpStatConfig
Link kopieren

8.20.1. Description
Link kopieren

The 

NodeExporterCollectorTcpStatConfig
resource works as an on/off switch for the 
tcpstat
collector of the 
node-exporter
agent. By default, the 
tcpstat
collector is disabled.

Appears in: NodeExporterCollectorConfig

Expand
PropertyTypeDescription

enabled

bool

A Boolean flag that enables or disables the 

tcpstat
collector.

8.21. NodeExporterConfig
Link kopieren

8.21.1. Description
Link kopieren

The 

NodeExporterConfig
resource defines settings for the 
node-exporter
agent.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

collectors

NodeExporterCollectorConfig

Defines which collectors are enabled and their additional configuration parameters.

maxProcs

uint32

The target number of CPUs on which the node-exporter’s process will run. The default value is 

0
, which means that node-exporter runs on all CPUs. If a kernel deadlock occurs or if performance degrades when reading from 
sysfs
concurrently, you can change this value to 
1
, which limits node-exporter to running on one CPU. For nodes with a high CPU count, you can set the limit to a low number, which saves resources by preventing Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the 
maxProcs
value is set too low and there are many metrics to collect.

ignoredNetworkDevices

*[]string

A list of network devices, defined as regular expressions, that you want to exclude from the relevant collector configuration such as 

netdev
and 
netclass
. If no list is specified, the Cluster Monitoring Operator uses a predefined list of devices to be excluded to minimize the impact on memory usage. If the list is empty, no devices are excluded. If you modify this setting, monitor the 
prometheus-k8s
deployment closely for excessive memory usage.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

NodeExporter
container.

8.22. OpenShiftStateMetricsConfig
Link kopieren

8.22.1. Description
Link kopieren

The 

OpenShiftStateMetricsConfig
resource defines settings for the 
openshift-state-metrics
agent.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

OpenShiftStateMetrics
container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

8.23. PrometheusK8sConfig
Link kopieren

8.23.1. Description
Link kopieren

The 

PrometheusK8sConfig
resource defines settings for the Prometheus component.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

additionalAlertmanagerConfigs

[]AdditionalAlertmanagerConfig

Configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.

enforcedBodySizeLimit

string

Enforces a body size limit for Prometheus scraped metrics. If a scraped target’s body response is larger than the limit, the scrape will fail. The following values are valid: an empty value to specify no limit, a numeric value in Prometheus size format (such as 

64MB
), or the string 
automatic
, which indicates that the limit will be automatically calculated based on cluster capacity. The default value is empty, which indicates no limit.

externalLabels

map[string]string

Defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.

logLevel

string

Defines the log level setting for Prometheus. The possible values are: 

error
, 
warn
, 
info
, and 
debug
. The default value is 
info
.

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

queryLogFile

string

Specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an 

emptyDir
volume at 
/var/log/prometheus
, or a full path to a location where an 
emptyDir
volume will be mounted and the queries saved. Writing to 
/dev/stderr
, 
/dev/stdout
or 
/dev/null
is supported, but writing to any other 
/dev/
path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.

remoteWrite

[]RemoteWriteSpec

Defines the remote write configuration, including URL, authentication, and relabeling settings.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

Prometheus
container.

retention

string

Defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: 

[0-9]+(ms|s|m|h|d|w|y)
(ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is 
15d
.

retentionSize

string

Defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are 

B
, 
KB
, 
KiB
, 
MB
, 
MiB
, 
GB
, 
GiB
, 
TB
, 
TiB
, 
PB
, 
PiB
, 
EB
, and 
EiB
. By default, no limit is defined.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

collectionProfile

CollectionProfile

Defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are 

full
or 
minimal
. In the 
full
profile (default), Prometheus collects all metrics that are exposed by the platform components. In the 
minimal
profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry, and console dashboards.

volumeClaimTemplate

*monv1.EmbeddedPersistentVolumeClaim

Defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class, volume size and name.

8.24. PrometheusOperatorConfig
Link kopieren

8.24.1. Description
Link kopieren

The 

PrometheusOperatorConfig
resource defines settings for the Prometheus Operator component.

Appears in: ClusterMonitoringConfiguration, UserWorkloadConfiguration

Expand
PropertyTypeDescription

logLevel

string

Defines the log level settings for Prometheus Operator. The possible values are 

error
, 
warn
, 
info
, and 
debug
. The default value is 
info
.

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

PrometheusOperator
container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

8.25. PrometheusRestrictedConfig
Link kopieren

8.25.1. Description
Link kopieren

The 

PrometheusRestrictedConfig
resource defines the settings for the Prometheus component that monitors user-defined projects.

Appears in: UserWorkloadConfiguration

Expand
PropertyTypeDescription

additionalAlertmanagerConfigs

[]AdditionalAlertmanagerConfig

Configures additional Alertmanager instances that receive alerts from the Prometheus component. By default, no additional Alertmanager instances are configured.

enforcedLabelLimit

*uint64

Specifies a per-scrape limit on the number of labels accepted for a sample. If the number of labels exceeds this limit after metric relabeling, the entire scrape is treated as failed. The default value is 

0
, which means that no limit is set.

enforcedLabelNameLengthLimit

*uint64

Specifies a per-scrape limit on the length of a label name for a sample. If the length of a label name exceeds this limit after metric relabeling, the entire scrape is treated as failed. The default value is 

0
, which means that no limit is set.

enforcedLabelValueLengthLimit

*uint64

Specifies a per-scrape limit on the length of a label value for a sample. If the length of a label value exceeds this limit after metric relabeling, the entire scrape is treated as failed. The default value is 

0
, which means that no limit is set.

enforcedSampleLimit

*uint64

Specifies a global limit on the number of scraped samples that will be accepted. This setting overrides the 

SampleLimit
value set in any user-defined 
ServiceMonitor
or 
PodMonitor
object if the value is greater than 
enforcedTargetLimit
. Administrators can use this setting to keep the overall number of samples under control. The default value is 
0
, which means that no limit is set.

enforcedTargetLimit

*uint64

Specifies a global limit on the number of scraped targets. This setting overrides the 

TargetLimit
value set in any user-defined 
ServiceMonitor
or 
PodMonitor
object if the value is greater than 
enforcedSampleLimit
. Administrators can use this setting to keep the overall number of targets under control. The default value is 
0
.

externalLabels

map[string]string

Defines labels to be added to any time series or alerts when communicating with external systems such as federation, remote storage, and Alertmanager. By default, no labels are added.

logLevel

string

Defines the log level setting for Prometheus. The possible values are 

error
, 
warn
, 
info
, and 
debug
. The default setting is 
info
.

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

queryLogFile

string

Specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an 

emptyDir
volume at 
/var/log/prometheus
, or a full path to a location where an 
emptyDir
volume will be mounted and the queries saved. Writing to 
/dev/stderr
, 
/dev/stdout
or 
/dev/null
is supported, but writing to any other 
/dev/
path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged.

remoteWrite

[]RemoteWriteSpec

Defines the remote write configuration, including URL, authentication, and relabeling settings.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the Prometheus container.

retention

string

Defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: 

[0-9]+(ms|s|m|h|d|w|y)
(ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is 
15d
.

retentionSize

string

Defines the maximum amount of disk space used by data blocks plus the write-ahead log (WAL). Supported values are 

B
, 
KB
, 
KiB
, 
MB
, 
MiB
, 
GB
, 
GiB
, 
TB
, 
TiB
, 
PB
, 
PiB
, 
EB
, and 
EiB
. The default value is 
nil
.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

volumeClaimTemplate

*monv1.EmbeddedPersistentVolumeClaim

Defines persistent storage for Prometheus. Use this setting to configure the storage class and size of a volume.

8.26. RemoteWriteSpec
Link kopieren

8.26.1. Description
Link kopieren

The 

RemoteWriteSpec
resource defines the settings for remote write storage.

8.26.2. Required
Link kopieren

  • url

Appears in: PrometheusK8sConfig, PrometheusRestrictedConfig

Expand
PropertyTypeDescription

authorization

*monv1.SafeAuthorization

Defines the authorization settings for remote write storage.

basicAuth

*monv1.BasicAuth

Defines Basic authentication settings for the remote write endpoint URL.

bearerTokenFile

string

Defines the file that contains the bearer token for the remote write endpoint. However, because you cannot mount secrets in a pod, in practice you can only reference the token of the service account.

headers

map[string]string

Specifies the custom HTTP headers to be sent along with each remote write request. Headers set by Prometheus cannot be overwritten.

metadataConfig

*monv1.MetadataConfig

Defines settings for sending series metadata to remote write storage.

name

string

Defines the name of the remote write queue. This name is used in metrics and logging to differentiate queues. If specified, this name must be unique.

oauth2

*monv1.OAuth2

Defines OAuth2 authentication settings for the remote write endpoint.

proxyUrl

string

Defines an optional proxy URL. It is superseded by the cluster-wide proxy, if enabled.

queueConfig

*monv1.QueueConfig

Allows tuning configuration for remote write queue parameters.

remoteTimeout

string

Defines the timeout value for requests to the remote write endpoint.

sigv4

*monv1.Sigv4

Defines AWS Signature Version 4 authentication settings.

tlsConfig

*monv1.SafeTLSConfig

Defines TLS authentication settings for the remote write endpoint.

url

string

Defines the URL of the remote write endpoint to which samples will be sent.

writeRelabelConfigs

[]monv1.RelabelConfig

Defines the list of remote write relabel configurations.

8.27. TLSConfig
Link kopieren

8.27.1. Description
Link kopieren

The 

TLSConfig
resource configures the settings for TLS connections.

8.27.2. Required
Link kopieren

  • insecureSkipVerify

Appears in: AdditionalAlertmanagerConfig

Expand
PropertyTypeDescription

ca

*v1.SecretKeySelector

Defines the secret key reference containing the Certificate Authority (CA) to use for the remote host.

cert

*v1.SecretKeySelector

Defines the secret key reference containing the public certificate to use for the remote host.

key

*v1.SecretKeySelector

Defines the secret key reference containing the private key to use for the remote host.

serverName

string

Used to verify the hostname on the returned certificate.

insecureSkipVerify

bool

When set to 

true
, disables the verification of the remote host’s certificate and name.

8.28. TelemeterClientConfig
Link kopieren

8.28.1. Description
Link kopieren

TelemeterClientConfig
defines settings for the Telemeter Client component.

8.28.2. Required
Link kopieren

  • nodeSelector
     
  • tolerations

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the 

TelemeterClient
container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

8.29. ThanosQuerierConfig
Link kopieren

8.29.1. Description
Link kopieren

The 

ThanosQuerierConfig
resource defines settings for the Thanos Querier component.

Appears in: ClusterMonitoringConfiguration

Expand
PropertyTypeDescription

enableRequestLogging

bool

A Boolean flag that enables or disables request logging. The default value is 

false
.

logLevel

string

Defines the log level setting for Thanos Querier. The possible values are 

error
, 
warn
, 
info
, and 
debug
. The default value is 
info
.

enableCORS

bool

A Boolean flag that enables setting CORS headers. The headers allow access from any origin. The default value is 

false
.

nodeSelector

map[string]string

Defines the nodes on which the pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the Thanos Querier container.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

8.30. ThanosRulerConfig
Link kopieren

8.30.1. Description
Link kopieren

The 

ThanosRulerConfig
resource defines configuration for the Thanos Ruler instance for user-defined projects.

Appears in: UserWorkloadConfiguration

Expand
PropertyTypeDescription

additionalAlertmanagerConfigs

[]AdditionalAlertmanagerConfig

Configures how the Thanos Ruler component communicates with additional Alertmanager instances. The default value is 

nil
.

logLevel

string

Defines the log level setting for Thanos Ruler. The possible values are 

error
, 
warn
, 
info
, and 
debug
. The default value is 
info
.

nodeSelector

map[string]string

Defines the nodes on which the Pods are scheduled.

resources

*v1.ResourceRequirements

Defines resource requests and limits for the Alertmanager container.

retention

string

Defines the duration for which Prometheus retains data. This definition must be specified using the following regular expression pattern: 

[0-9]+(ms|s|m|h|d|w|y)
(ms = milliseconds, s= seconds,m = minutes, h = hours, d = days, w = weeks, y = years). The default value is 
15d
.

tolerations

[]v1.Toleration

Defines tolerations for the pods.

topologySpreadConstraints

[]v1.TopologySpreadConstraint

Defines the pod’s topology spread constraints.

volumeClaimTemplate

*monv1.EmbeddedPersistentVolumeClaim

Defines persistent storage for Thanos Ruler. Use this setting to configure the storage class and size of a volume.

8.31. UserWorkloadConfiguration
Link kopieren

8.31.1. Description
Link kopieren

The 

UserWorkloadConfiguration
resource defines the settings responsible for user-defined projects in the 
user-workload-monitoring-config
config map in the 
openshift-user-workload-monitoring
namespace. You can only enable 
UserWorkloadConfiguration
after you have set 
enableUserWorkload
to 
true
in the 
cluster-monitoring-config
config map under the 
openshift-monitoring
namespace.

Expand
PropertyTypeDescription

alertmanager

*AlertmanagerUserWorkloadConfig

Defines the settings for the Alertmanager component in user workload monitoring.

prometheus

*PrometheusRestrictedConfig

Defines the settings for the Prometheus component in user workload monitoring.

prometheusOperator

*PrometheusOperatorConfig

Defines the settings for the Prometheus Operator component in user workload monitoring.

thanosRuler

*ThanosRulerConfig

Defines the settings for the Thanos Ruler component in user workload monitoring.

Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2026 Red HatNach oben