Monitoring APIs

additionalPeers

array (string)

AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.

affinity

object

If specified, the pod’s scheduling constraints.

alertmanagerConfigMatcherStrategy

object

The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects match the alerts. In the future more options may be added.

alertmanagerConfigNamespaceSelector

object

Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.

alertmanagerConfigSelector

object

AlertmanagerConfigs to be selected for to merge and configure Alertmanager with.

alertmanagerConfiguration

object

alertmanagerConfiguration specifies the configuration of Alertmanager.

If defined, it takes precedence over the configSecret field.

This is an experimental feature, it may change in any upcoming release in a breaking way.

automountServiceAccountToken

boolean

AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. If the service account has automountServiceAccountToken: true, set the field to false to opt out of automounting API credentials.

baseImage

string

Base image that is used to deploy pods, without tag. Deprecated: use 'image' instead.

clusterAdvertiseAddress

string

ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918

clusterGossipInterval

string

Interval between gossip attempts.

clusterLabel

string

Defines the identifier that uniquely identifies the Alertmanager cluster. You should only set it when the Alertmanager cluster includes Alertmanager instances which are external to this Alertmanager resource. In practice, the addresses of the external instances are provided via the .spec.additionalPeers field.

clusterPeerTimeout

string

Timeout for cluster peering.

clusterPushpullInterval

string

Interval between pushpull attempts.

configMaps

array (string)

ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each ConfigMap is added to the StatefulSet definition as a volume named configmap-<configmap-name>. The ConfigMaps are mounted into /etc/alertmanager/configmaps/<configmap-name> in the 'alertmanager' container.

configSecret

string

ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to alertmanager-<alertmanager-name>.

The Alertmanager configuration should be available under the alertmanager.yaml key. Additional keys from the original secret are copied to the generated secret and mounted into the /etc/alertmanager/config directory in the alertmanager container.

If either the secret or the alertmanager.yaml key is missing, the operator provisions a minimal Alertmanager configuration with one empty receiver (effectively dropping alert notifications).

containers

array

Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: alertmanager and config-reloader. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.

containers[]

object

A single application container that you want to run within a pod.

enableFeatures

array (string)

Enable access to Alertmanager feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.

It requires Alertmanager >= 0.27.0.

externalUrl

string

The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name.

forceEnableClusterMode

boolean

ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.

hostAliases

array

Pods' hostAliases configuration

hostAliases[]

object

HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.

image

string

Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured.

imagePullPolicy

string

Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.

imagePullSecrets

array

An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod

imagePullSecrets[]

object

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

initContainers

array

InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: init-config-reloader. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.

initContainers[]

object

A single application container that you want to run within a pod.

listenLocal

boolean

ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication.

logFormat

string

Log format for Alertmanager to be configured with.

logLevel

string

Log level for Alertmanager to be configured with.

minReadySeconds

integer

Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.

nodeSelector

object (string)

Define which Nodes the Pods are scheduled on.

paused

boolean

If set to true all actions on the underlying managed objects are not goint to be performed, except for delete actions.

podMetadata

object

PodMetadata configures labels and annotations which are propagated to the Alertmanager pods.

The following items are reserved and cannot be overridden: * "alertmanager" label, set to the name of the Alertmanager instance. * "app.kubernetes.io/instance" label, set to the name of the Alertmanager instance. * "app.kubernetes.io/managed-by" label, set to "prometheus-operator". * "app.kubernetes.io/name" label, set to "alertmanager". * "app.kubernetes.io/version" label, set to the Alertmanager version. * "kubectl.kubernetes.io/default-container" annotation, set to "alertmanager".

portName

string

Port name used for the pods and governing service. Defaults to web.

priorityClassName

string

Priority class assigned to the Pods

replicas

integer

Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size.

resources

object

Define resources requests and limits for single Pods.

retention

string

Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).

routePrefix

string

The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with kubectl proxy.

secrets

array (string)

Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each Secret is added to the StatefulSet definition as a volume named secret-<secret-name>. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name> in the 'alertmanager' container.

securityContext

object

SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.

serviceAccountName

string

ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.

sha

string

SHA of Alertmanager container image to be deployed. Defaults to the value of version. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use 'image' instead. The image digest can be specified as part of the image URL.

storage

object

Storage is the definition of how storage will be used by the Alertmanager instances.

tag

string

Tag of Alertmanager container image to be deployed. Defaults to the value of version. Version is ignored if Tag is set. Deprecated: use 'image' instead. The image tag can be specified as part of the image URL.

tolerations

array

If specified, the pod’s tolerations.

tolerations[]

object

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

topologySpreadConstraints

array

If specified, the pod’s topology spread constraints.

topologySpreadConstraints[]

object

TopologySpreadConstraint specifies how to spread matching pods among the given topology.

version

string

Version the cluster should be on.

volumeMounts

array

VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects.

volumeMounts[]

object

VolumeMount describes a mounting of a Volume within a container.

volumes

array

Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.

volumes[]

object

Volume represents a named volume in a pod that may be accessed by any container in the pod.

web

object

Defines the web command line flags when starting Alertmanager.

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

preferredDuringSchedulingIgnoredDuringExecution

array

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

preferredDuringSchedulingIgnoredDuringExecution[]

object

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

preference

object

A node selector term, associated with the corresponding weight.

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

matchExpressions

array

A list of node selector requirements by node’s labels.

matchExpressions[]

object

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchFields

array

A list of node selector requirements by node’s fields.

matchFields[]

object

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

key

string

The label key that the selector applies to.

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

values

array (string)

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

key

string

The label key that the selector applies to.

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

values

array (string)

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

nodeSelectorTerms

array

Required. A list of node selector terms. The terms are ORed.

nodeSelectorTerms[]

object

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

matchExpressions

array

A list of node selector requirements by node’s labels.

matchExpressions[]

object

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchFields

array

A list of node selector requirements by node’s fields.

matchFields[]

object

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

key

string

The label key that the selector applies to.

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

values

array (string)

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

key

string

The label key that the selector applies to.

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

values

array (string)

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

preferredDuringSchedulingIgnoredDuringExecution

array

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

preferredDuringSchedulingIgnoredDuringExecution[]

object

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

requiredDuringSchedulingIgnoredDuringExecution

array

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

requiredDuringSchedulingIgnoredDuringExecution[]

object

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

matchLabelKeys

array (string)

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

mismatchLabelKeys

array (string)

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

namespaces

array (string)

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

matchLabelKeys

array (string)

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

mismatchLabelKeys

array (string)

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

namespaces

array (string)

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

preferredDuringSchedulingIgnoredDuringExecution

array

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

preferredDuringSchedulingIgnoredDuringExecution[]

object

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

requiredDuringSchedulingIgnoredDuringExecution

array

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

requiredDuringSchedulingIgnoredDuringExecution[]

object

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

matchLabelKeys

array (string)

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

mismatchLabelKeys

array (string)

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

namespaces

array (string)

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

matchLabelKeys

array (string)

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

mismatchLabelKeys

array (string)

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with labelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

namespaces

array (string)

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

type

string

If set to OnNamespace, the operator injects a label matcher matching the namespace of the AlertmanagerConfig object for all its routes and inhibition rules. None will not add any additional matchers other than the ones specified in the AlertmanagerConfig. Default is OnNamespace.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions[]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

matchLabels

object (string)

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

string

key is the label key that the selector applies to.

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

values

array (string)

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

global

object

Defines the global parameters of the Alertmanager configuration.

name

string

The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a namespace label for routes and inhibition rules.

templates

array

Custom notification templates.

templates[]

object

SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive.

httpConfig

object

HTTP client configuration.

opsGenieApiKey

object

The default OpsGenie API Key.

opsGenieApiUrl

object

The default OpsGenie API URL.

pagerdutyUrl

string

The default Pagerduty URL.

resolveTimeout

string

ResolveTimeout is the default value used by alertmanager if the alert does not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. This has no impact on alerts from Prometheus, as they always include EndsAt.

slackApiUrl

object

The default Slack API URL.

smtp

object

Configures global SMTP parameters.

authorization

object

Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.

basicAuth

object

BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.

bearerTokenSecret

object

The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the Alertmanager object and accessible by the Prometheus Operator.

followRedirects

boolean

FollowRedirects specifies whether the client should follow HTTP 3xx redirects.

oauth2

object

OAuth2 client credentials used to fetch a token for the targets.

proxyURL

string

Optional proxy URL.

tlsConfig

object

TLS configuration for the client.

credentials

object

Selects a key of a Secret in the namespace that contains the credentials for authentication.

type

string

Defines the authentication type. The value is case-insensitive.

"Basic" is not a supported value.

Default: "Bearer"

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

password

object

password specifies a key of a Secret containing the password for authentication.

username

object

username specifies a key of a Secret containing the username for authentication.

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

clientId

object

clientId specifies a key of a Secret or ConfigMap containing the OAuth2 client’s ID.

clientSecret

object

clientSecret specifies a key of a Secret containing the OAuth2 client’s secret.

endpointParams

object (string)

endpointParams configures the HTTP parameters to append to the token URL.

scopes

array (string)

scopes defines the OAuth2 scopes used for the token request.

tokenUrl

string

tokenURL configures the URL to fetch the token from.

configMap

object

ConfigMap containing data to use for the targets.

secret

object

Secret containing data to use for the targets.

key

string

The key to select.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the ConfigMap or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

ca

object

Certificate authority used when verifying server certificates.

cert

object

Client certificate to present when doing client-authentication.

insecureSkipVerify

boolean

Disable target certificate validation.

keySecret

object

Secret containing the client key file for the targets.

serverName

string

Used to verify the hostname for the targets.

configMap

object

ConfigMap containing data to use for the targets.

secret

object

Secret containing data to use for the targets.

key

string

The key to select.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the ConfigMap or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

configMap

object

ConfigMap containing data to use for the targets.

secret

object

Secret containing data to use for the targets.

key

string

The key to select.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the ConfigMap or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

authIdentity

string

SMTP Auth using PLAIN

authPassword

object

SMTP Auth using LOGIN and PLAIN.

authSecret

object

SMTP Auth using CRAM-MD5.

authUsername

string

SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn’t authenticate to the SMTP server.

from

string

The default SMTP From header field.

hello

string

The default hostname to identify to the SMTP server.

requireTLS

boolean

The default SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints.

smartHost

object

The default SMTP smarthost used for sending emails.

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

host

string

Defines the host’s address, it can be a DNS name or a literal IP address.

port

string

Defines the host’s port, it can be a literal port number or a port name.

configMap

object

ConfigMap containing data to use for the targets.

secret

object

Secret containing data to use for the targets.

key

string

The key to select.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the ConfigMap or its key must be defined

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

args

array (string)

Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

array (string)

Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

array

List of environment variables to set in the container. Cannot be updated.

env[]

object

EnvVar represents an environment variable present in a Container.

envFrom

array

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

envFrom[]

object

EnvFromSource represents the source of a set of ConfigMaps

image

string

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

imagePullPolicy

string

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

lifecycle

object

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

livenessProbe

object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

name

string

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

ports

array

List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.

ports[]

object

ContainerPort represents a network port in a single container.

readinessProbe

object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

resizePolicy

array

Resources resize policy for the container.

resizePolicy[]

object

ContainerResizePolicy represents resource resize policy for the container.

resources

object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

restartPolicy

string

RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod’s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.

securityContext

object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

startupProbe

object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

stdin

boolean

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

stdinOnce

boolean

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

terminationMessagePath

string

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

string

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

tty

boolean

Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.

volumeDevices

array

volumeDevices is the list of block devices to be used by the container.

volumeDevices[]

object

volumeDevice describes a mapping of a raw block device within a container.

volumeMounts

array

Pod volumes to mount into the container’s filesystem. Cannot be updated.

volumeMounts[]

object

VolumeMount describes a mounting of a Volume within a container.

workingDir

string

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

configMapKeyRef

object

Selects a key of a ConfigMap.

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

key

string

The key to select.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the ConfigMap or its key must be defined

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

fieldPath

string

Path of the field to select in the specified API version.

containerName

string

Container name: required for volumes, optional for env vars

divisor

integer-or-string

Specifies the output format of the exposed resources, defaults to "1"

resource

string

Required: resource to select

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret or its key must be defined

configMapRef

object

The ConfigMap to select from

prefix

string

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

secretRef

object

The Secret to select from

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the ConfigMap must be defined

name

string

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop kubebuilder:default when controller-gen doesn’t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.

optional

boolean

Specify whether the Secret must be defined

postStart

object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

preStop

object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

exec

object

Exec specifies the action to take.

httpGet

object

HTTPGet specifies the http request to perform.

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

command

array (string)

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('|', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

httpHeaders

array

Custom headers to set in the request. HTTP allows repeated headers.

httpHeaders[]

object

HTTPHeader describes a custom header to be used in HTTP probes

path

string

Path to access on the HTTP server.

port

integer-or-string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

value

string

The header field value

seconds

integer

Seconds is the number of seconds to sleep.

host

string

Optional: Host name to connect to, defaults to the pod IP.

port

integer-or-string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

exec

object

Exec specifies the action to take.

httpGet

object

HTTPGet specifies the http request to perform.

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

command

array (string)

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('|', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

httpHeaders

array

Custom headers to set in the request. HTTP allows repeated headers.

httpHeaders[]

object

HTTPHeader describes a custom header to be used in HTTP probes

path

string

Path to access on the HTTP server.

port

integer-or-string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

value

string

The header field value

seconds

integer

Seconds is the number of seconds to sleep.

host

string

Optional: Host name to connect to, defaults to the pod IP.

port

integer-or-string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

exec

object

Exec specifies the action to take.

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

grpc

object

GRPC specifies an action involving a GRPC port.

httpGet

object

HTTPGet specifies the http request to perform.

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

command

array (string)

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('|', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

httpHeaders

array

Custom headers to set in the request. HTTP allows repeated headers.

httpHeaders[]

object

HTTPHeader describes a custom header to be used in HTTP probes

path

string

Path to access on the HTTP server.

port

integer-or-string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

value

string

The header field value

host

string

Optional: Host name to connect to, defaults to the pod IP.

port

integer-or-string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

containerPort

integer

Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

hostIP

string

What host IP to bind the external port to.

hostPort

integer

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

name

string

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

protocol

string

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

exec

object

Exec specifies the action to take.

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

grpc

object

GRPC specifies an action involving a GRPC port.

httpGet

object

HTTPGet specifies the http request to perform.

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

command

array (string)

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('|', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

httpHeaders

array

Custom headers to set in the request. HTTP allows repeated headers.

httpHeaders[]

object

HTTPHeader describes a custom header to be used in HTTP probes

path

string

Path to access on the HTTP server.

port

integer-or-string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.