ScrapeConfig
monitoring.coreos.com / v1alpha1
apiVersion: monitoring.coreos.com/v1alpha1
kind: ScrapeConfig
metadata:
name: example
apiVersion
string
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind
string
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata
object
spec object required
ScrapeConfigSpec is a specification of the desired configuration for a scrape configuration.
authorization object
Authorization header to use on every scrape request.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
azureSDConfigs []object
AzureSDConfigs defines a list of Azure service discovery configurations.
authenticationMethod
string
# The authentication method, either `OAuth` or `ManagedIdentity` or `SDK`.
See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
SDK authentication method uses environment variables by default.
See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication
enum:
OAuth, ManagedIdentity, SDKauthorization object
Authorization header configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as `oAuth2`, or `basicAuth`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to authenticate against the target HTTP endpoint.
More info: https://prometheus.io/docs/operating/configuration/#endpoints
Cannot be set at the same time as `authorization`, or `oAuth2`.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientID
string
Optional client ID. Only required with the OAuth authentication method.
minLength:
1clientSecret object
Optional client secret. Only required with the OAuth authentication method.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
environment
string
The Azure environment.
minLength:
1
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as `authorization`, or `basicAuth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
The port to scrape metrics from. If using the public IP address, this must
instead be specified in the relabeling rule.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
resourceGroup
string
Optional resource group name. Limits discovery to this resource group.
Requires Prometheus v2.35.0 and above
minLength:
1
subscriptionID
string required
The subscription ID. Always required.
minLength:
1
tenantID
string
Optional tenant ID. Only required with the OAuth authentication method.
minLength:
1tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
basicAuth object
BasicAuth information to use on every scrape request.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
consulSDConfigs []object
ConsulSDConfigs defines a list of Consul service discovery configurations.
allowStale
boolean
Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul.
If unset, Prometheus uses its default value.
authorization object
Optional Authorization header configuration to authenticate against the Consul Server.
Cannot be set at the same time as `basicAuth`, or `oauth2`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
Optional BasicAuth information to authenticate against the Consul Server.
More info: https://prometheus.io/docs/operating/configuration/#endpoints
Cannot be set at the same time as `authorization`, or `oauth2`.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
datacenter
string
Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter.
minLength:
1
enableHTTP2
boolean
Whether to enable HTTP2.
If unset, Prometheus uses its default value.
filter
string
Filter expression used to filter the catalog results.
See https://www.consul.io/api-docs/catalog#list-services
It requires Prometheus >= 3.0.0.
minLength:
1
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
If unset, Prometheus uses its default value.
namespace
string
Namespaces are only supported in Consul Enterprise.
It requires Prometheus >= 2.28.0.
minLength:
1
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
nodeMeta
object
Node metadata key/value pairs to filter nodes for a given service.
Starting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead.
oauth2 object
Optional OAuth2.0 configuration.
Cannot be set at the same time as `basicAuth`, or `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
partition
string
Admin Partitions are only supported in Consul Enterprise.
minLength:
1
pathPrefix
string
Prefix for URIs for when consul is behind an API gateway (reverse proxy).
It requires Prometheus >= 2.45.0.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
The time after which the provided names are refreshed.
On large setup it might be a good idea to increase this value because the catalog will change all the time.
If unset, Prometheus uses its default value.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
scheme
string
HTTP Scheme default "http"
enum:
HTTP, HTTPS
server
string required
Consul server address. A valid string consisting of a hostname or IP followed by an optional port number.
minLength:
1
services
[]string
A list of services for which targets are retrieved. If omitted, all services are scraped.
tagSeparator
string
The string by which Consul tags are joined into the tag label.
If unset, Prometheus uses its default value.
minLength:
1
tags
[]string
An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list.
Starting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead.
tlsConfig object
TLS configuration to connect to the Consul API.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenRef object
Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
convertClassicHistogramsToNHCB
boolean
Whether to convert all scraped classic histograms into a native histogram with custom buckets.
It requires Prometheus >= v3.0.0.
digitalOceanSDConfigs []object
DigitalOceanSDConfigs defines a list of DigitalOcean service discovery configurations.
authorization object
Authorization header configuration to authenticate against the DigitalOcean API.
Cannot be set at the same time as `oauth2`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
The port to scrape metrics from.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Refresh interval to re-read the instance list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
dnsSDConfigs []object
DNSSDConfigs defines a list of DNS service discovery configurations.
names
[]string required
A list of DNS domain names to be queried.
minItems:
1
port
integer
The port number used if the query type is not SRV
Ignored for SRV records
format:
int32minimum:
0maximum:
65535
refreshInterval
string
RefreshInterval configures the time after which the provided names are refreshed.
If not set, Prometheus uses its default value.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type
string
The type of DNS query to perform. One of SRV, A, AAAA, MX or NS.
If not set, Prometheus uses its default value.
When set to NS, it requires Prometheus >= v2.49.0.
When set to MX, it requires Prometheus >= v2.38.0
enum:
A, AAAA, MX, NS, SRVdockerSDConfigs []object
DockerSDConfigs defines a list of Docker service discovery configurations.
authorization object
Authorization header configuration to authenticate against the Docker API.
Cannot be set at the same time as `oauth2`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to use on every scrape request.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
filters []object
Optional filters to limit the discovery process to a subset of the available resources.
name
string required
Name of the Filter.
values
[]string required
Value to filter on.
minItems:
1
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
host
string required
Address of the docker daemon
minLength:
1
hostNetworkingHost
string
The host to use if the container is in host networking mode.
minLength:
1
matchFirstNetwork
boolean
Configure whether to match the first network if the container has multiple networks defined.
If unset, Prometheus uses true by default.
It requires Prometheus >= v2.54.1.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
The port to scrape metrics from.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Time after which the container is refreshed.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
dockerSwarmSDConfigs []object
DockerswarmSDConfigs defines a list of Dockerswarm service discovery configurations.
authorization object
Authorization header configuration to authenticate against the target HTTP endpoint.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
Optional HTTP basic authentication information.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
filters []object
Optional filters to limit the discovery process to a subset of available
resources.
The available filters are listed in the upstream documentation:
Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList
Tasks: https://docs.docker.com/engine/api/v1.40/#operation/TaskList
Nodes: https://docs.docker.com/engine/api/v1.40/#operation/NodeList
name
string required
Name of the Filter.
values
[]string required
Value to filter on.
minItems:
1
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
host
string required
Address of the Docker daemon
pattern:
^[a-zA-Z][a-zA-Z0-9+.-]*://.+$
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization`, or `basicAuth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
The port to scrape metrics from, when `role` is nodes, and for discovered
tasks and services that don't have published ports.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
The time after which the service discovery data is refreshed.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
role
string required
Role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`.
enum:
Services, Tasks, NodestlsConfig object
TLS configuration to use on every scrape request
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
ec2SDConfigs []object
EC2SDConfigs defines a list of EC2 service discovery configurations.
accessKey object
AccessKey is the AWS API key.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
It requires Prometheus >= v2.41.0
filters []object
Filters can be used optionally to filter the instance list by other criteria.
Available filter criteria can be found here:
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html
Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html
It requires Prometheus >= v2.3.0
name
string required
Name of the Filter.
values
[]string required
Value to filter on.
minItems:
1
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
It requires Prometheus >= v2.41.0
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
port
integer
The port to scrape metrics from. If using the public IP address, this must
instead be specified in the relabeling rule.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
region
string
The AWS region.
minLength:
1
roleARN
string
AWS Role ARN, an alternative to using AWS API keys.
minLength:
1secretKey object
SecretKey is the AWS API secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
tlsConfig object
TLS configuration to connect to the AWS EC2 API.
It requires Prometheus >= v2.41.0
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
enableCompression
boolean
When false, Prometheus will request uncompressed response from the scraped target.
It requires Prometheus >= v2.49.0.
If unset, Prometheus uses true by default.
enableHTTP2
boolean
Whether to enable HTTP2.
eurekaSDConfigs []object
EurekaSDConfigs defines a list of Eureka service discovery configurations.
authorization object
Authorization header to use on every scrape request.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to use on every scrape request.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization` or `basic_auth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Refresh interval to re-read the instance list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
server
string required
The URL to connect to the Eureka server.
minLength:
1tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
fallbackScrapeProtocol
string
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.
It requires Prometheus >= v3.0.0.
enum:
PrometheusProto, OpenMetricsText0.0.1, OpenMetricsText1.0.0, PrometheusText0.0.4, PrometheusText1.0.0fileSDConfigs []object
FileSDConfigs defines a list of file service discovery configurations.
files
[]string required
List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the
prometheus-operator project makes no guarantees about the working directory where the configuration file is
stored.
Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets.
minItems:
1
refreshInterval
string
RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$gceSDConfigs []object
GCESDConfigs defines a list of GCE service discovery configurations.
filter
string
Filter can be used optionally to filter the instance list by other criteria
Syntax of this filter is described in the filter query parameter section:
https://cloud.google.com/compute/docs/reference/latest/instances/list
minLength:
1
port
integer
The port to scrape metrics from. If using the public IP address, this must
instead be specified in the relabeling rule.
format:
int32minimum:
0maximum:
65535
project
string required
The Google Cloud Project ID
minLength:
1
refreshInterval
string
RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
tagSeparator
string
The tag separator is used to separate the tags on concatenation
minLength:
1
zone
string required
The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs.
minLength:
1hetznerSDConfigs []object
HetznerSDConfigs defines a list of Hetzner service discovery configurations.
authorization object
Authorization header configuration, required when role is hcloud.
Role robot does not support bearer token authentication.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to use on every scrape request, required when role is robot.
Role hcloud does not support basic auth.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
labelSelector
string
Label selector used to filter the servers when fetching them from the API.
It requires Prometheus >= v3.5.0.
minLength:
1
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be used at the same time as `basic_auth` or `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
The port to scrape metrics from.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
The time after which the servers are refreshed.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
role
string required
The Hetzner role of entities that should be discovered.
enum:
hcloud, Hcloud, robot, RobottlsConfig object
TLS configuration to use on every scrape request.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
honorLabels
boolean
HonorLabels chooses the metric's labels on collisions with target labels.
honorTimestamps
boolean
HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
httpSDConfigs []object
HTTPSDConfigs defines a list of HTTP service discovery configurations.
authorization object
Authorization header configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as `oAuth2`, or `basicAuth`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to authenticate against the target HTTP endpoint.
More info: https://prometheus.io/docs/operating/configuration/#endpoints
Cannot be set at the same time as `authorization`, or `oAuth2`.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as `authorization`, or `basicAuth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
RefreshInterval configures the refresh interval at which Prometheus will re-query the
endpoint to update the target list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
url
string required
URL from which the targets are fetched.
pattern:
^http(s)?://.+$minLength:
1ionosSDConfigs []object
IonosSDConfigs defines a list of IONOS service discovery configurations.
authorization object required
Authorization` header configuration, required when using IONOS.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
datacenterID
string required
The unique ID of the IONOS data center.
minLength:
1
enableHTTP2
boolean
Configure whether to enable HTTP2.
followRedirects
boolean
Configure whether the HTTP requests should follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Configure whether to enable OAuth2.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
Port to scrape the metrics from.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Refresh interval to re-read the list of resources.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$tlsConfig object
TLS configuration to use when connecting to the IONOS API.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
jobName
string
The value of the `job` label assigned to the scraped metrics by default.
The `job_name` field in the rendered scrape configuration is always controlled by the
operator to prevent duplicate job names, which Prometheus does not allow. Instead the
`job` label is set by means of relabeling configs.
minLength:
1
keepDroppedTargets
integer
Per-scrape limit on the number of targets dropped by relabeling
that will be kept in memory. 0 means no limit.
It requires Prometheus >= v2.47.0.
format:
int64kubernetesSDConfigs []object
KubernetesSDConfigs defines a list of Kubernetes service discovery configurations.
apiServer
string
The API server address consisting of a hostname or IP address followed
by an optional port number.
If left empty, Prometheus is assumed to run inside
of the cluster. It will discover API servers automatically and use the pod's
CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
minLength:
1attachMetadata object
Optional metadata to attach to discovered targets.
It requires Prometheus >= v2.35.0 when using the `Pod` role and
Prometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles.
node
boolean
Attaches node metadata to discovered targets.
When set to true, Prometheus must have the `get` permission on the
`Nodes` objects.
Only valid for Pod, Endpoint and Endpointslice roles.
authorization object
Authorization header to use on every scrape request.
Cannot be set at the same time as `basicAuth`, or `oauth2`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to use on every scrape request.
Cannot be set at the same time as `authorization`, or `oauth2`.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
namespaces object
Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces.
names
[]string
List of namespaces where to watch for resources.
If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces.
ownNamespace
boolean
Includes the namespace in which the Prometheus pod runs to the list of watched namespaces.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization`, or `basicAuth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
role
string required
Role of the Kubernetes entities that should be discovered.
Role `Endpointslice` requires Prometheus >= v2.21.0
enum:
Pod, Endpoints, Ingress, Service, Node, EndpointSliceselectors []object
Selector to select objects.
It requires Prometheus >= v2.17.0
field
string
An optional field selector to limit the service discovery to resources which have fields with specific values.
e.g: `metadata.name=foobar`
minLength:
1
label
string
An optional label selector to limit the service discovery to resources with specific labels and label values.
e.g: `node.kubernetes.io/instance-type=master`
minLength:
1
role
string required
Role specifies the type of Kubernetes resource to limit the service discovery to.
Accepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress.
enum:
Pod, Endpoints, Ingress, Service, Node, EndpointSlicetlsConfig object
TLS configuration to connect to the Kubernetes API.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
kumaSDConfigs []object
KumaSDConfigs defines a list of Kuma service discovery configurations.
authorization object
Authorization header to use on every scrape request.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to use on every scrape request.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientID
string
Client id is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend.
enableHTTP2
boolean
Whether to enable HTTP2.
fetchTimeout
string
The time after which the monitoring assignments are refreshed.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization`, or `basicAuth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
The time to wait between polling update requests.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
server
string required
Address of the Kuma Control Plane's MADS xDS server.
minLength:
1tlsConfig object
TLS configuration to use on every scrape request
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
labelLimit
integer
Per-scrape limit on number of labels that will be accepted for a sample.
Only valid in Prometheus versions 2.27.0 and newer.
format:
int64
labelNameLengthLimit
integer
Per-scrape limit on length of labels name that will be accepted for a sample.
Only valid in Prometheus versions 2.27.0 and newer.
format:
int64
labelValueLengthLimit
integer
Per-scrape limit on length of labels value that will be accepted for a sample.
Only valid in Prometheus versions 2.27.0 and newer.
format:
int64lightSailSDConfigs []object
LightsailSDConfigs defines a list of Lightsail service discovery configurations.
accessKey object
AccessKey is the AWS API key.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
authorization object
Optional `authorization` HTTP header configuration.
Cannot be set at the same time as `basicAuth`, or `oauth2`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
Optional HTTP basic authentication information.
Cannot be set at the same time as `authorization`, or `oauth2`.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Configure whether to enable HTTP2.
endpoint
string
Custom endpoint to be used.
minLength:
1
followRedirects
boolean
Configure whether the HTTP requests should follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth2.0 configuration.
Cannot be set at the same time as `basicAuth`, or `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
Port to scrape the metrics from.
If using the public IP address, this must instead be specified in the relabeling rule.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Refresh interval to re-read the list of instances.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
region
string
The AWS region.
minLength:
1
roleARN
string
AWS Role ARN, an alternative to using AWS API keys.
secretKey object
SecretKey is the AWS API secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
tlsConfig object
TLS configuration to connect to the Puppet DB.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
linodeSDConfigs []object
LinodeSDConfigs defines a list of Linode service discovery configurations.
authorization object
Authorization header configuration.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be used at the same time as `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
Default port to scrape metrics from.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Time after which the linode instances are refreshed.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
region
string
Optional region to filter on.
minLength:
1
tagSeparator
string
The string by which Linode Instance tags are joined into the tag label.
minLength:
1tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
metricRelabelings []object
MetricRelabelConfigs to apply to samples before ingestion.
minItems:
1
action
string
Action to perform based on the regex matching.
`Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
`DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
Default: "Replace"
enum:
enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKe...
replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase, keepequal, KeepEqual, dropequal, DropEqual
modulus
integer
Modulus to take of the hash of the source label values.
Only applicable when the action is `HashMod`.
format:
int64
regex
string
Regular expression against which the extracted value is matched.
replacement
string
Replacement value against which a Replace action is performed if the
regular expression matches.
Regex capture groups are available.
separator
string
Separator is the string between concatenated SourceLabels.
sourceLabels
[]string
The source labels select values from existing labels. Their content is
concatenated using the configured Separator and matched against the
configured regular expression.
targetLabel
string
Label to which the resulting string is written in a replacement.
It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
`KeepEqual` and `DropEqual` actions.
Regex capture groups are available.
metricsPath
string
MetricsPath HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. /metrics).
minLength:
1
nameEscapingScheme
string
Metric name escaping mode to request through content negotiation.
It requires Prometheus >= v3.4.0.
enum:
AllowUTF8, Underscores, Dots, Values
nameValidationScheme
string
Specifies the validation scheme for metric and label names.
It requires Prometheus >= v3.0.0.
enum:
UTF8, Legacy
nativeHistogramBucketLimit
integer
If there are more than this many buckets in a native histogram,
buckets will be merged to stay within the limit.
It requires Prometheus >= v2.45.0.
format:
int64
nativeHistogramMinBucketFactor
string | integer
If the growth factor of one bucket to the next is smaller than this,
buckets will be merged to increase the factor sufficiently.
It requires Prometheus >= v2.50.0.
string pattern:
^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
nomadSDConfigs []object
NomadSDConfigs defines a list of Nomad service discovery configurations.
allowStale
boolean
The information to access the Nomad API. It is to be defined
as the Nomad documentation requires.
authorization object
Authorization header to use on every scrape request.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
BasicAuth information to use on every scrape request.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
namespace
string
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth 2.0 configuration.
Cannot be set at the same time as `authorization` or `basic_auth`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function.
Supported units: y, w, d, h, m, s, ms
Examples: `30s`, `1m`, `1h20m15s`, `15d`
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
region
string
server
string required
minLength:
1
tagSeparator
string
tlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
oauth2 object
OAuth2 configuration to use on every scrape request.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1openstackSDConfigs []object
OpenStackSDConfigs defines a list of OpenStack service discovery configurations.
allTenants
boolean
Whether the service discovery should list all instances for all projects.
It is only relevant for the 'instance' role and usually requires admin permissions.
applicationCredentialId
string
ApplicationCredentialID
applicationCredentialName
string
The ApplicationCredentialID or ApplicationCredentialName fields are
required if using an application credential to authenticate. Some providers
allow you to create an application credential to authenticate rather than a
password.
minLength:
1applicationCredentialSecret object
The applicationCredentialSecret field is required if using an application
credential to authenticate.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
availability
string
Availability of the endpoint to connect to.
enum:
Public, public, Admin, admin, Internal, internal
domainID
string
DomainID
minLength:
1
domainName
string
At most one of domainId and domainName must be provided if using username
with Identity V3. Otherwise, either are optional.
minLength:
1
identityEndpoint
string
IdentityEndpoint specifies the HTTP endpoint that is required to work with
the Identity API of the appropriate version.
pattern:
^http(s)?:\/\/.+$password object
Password for the Identity V2 and V3 APIs. Consult with your provider's
control panel to discover your account's preferred method of authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
port
integer
The port to scrape metrics from. If using the public IP address, this must
instead be specified in the relabeling rule.
format:
int32minimum:
0maximum:
65535
projectID
string
ProjectID
minLength:
1
projectName
string
The ProjectId and ProjectName fields are optional for the Identity V2 API.
Some providers allow you to specify a ProjectName instead of the ProjectId.
Some require both. Your provider's authentication policies will determine
how these fields influence authentication.
minLength:
1
refreshInterval
string
Refresh interval to re-read the instance list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
region
string required
The OpenStack Region.
minLength:
1
role
string required
The OpenStack role of entities that should be discovered.
Note: The `LoadBalancer` role requires Prometheus >= v3.2.0.
enum:
Instance, Hypervisor, LoadBalancertlsConfig object
TLS configuration applying to the target HTTP endpoint.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
userid
string
UserID
minLength:
1
username
string
Username is required if using Identity V2 API. Consult with your provider's
control panel to discover your account's username.
In Identity V3, either userid or a combination of username
and domainId or domainName are needed
minLength:
1ovhcloudSDConfigs []object
OVHCloudSDConfigs defines a list of OVHcloud service discovery configurations.
applicationKey
string required
Access key to use. https://api.ovh.com.
minLength:
1applicationSecret object required
SecretKeySelector selects a key of a Secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
consumerKey object required
SecretKeySelector selects a key of a Secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpoint
string
Custom endpoint to be used.
minLength:
1
refreshInterval
string
Refresh interval to re-read the resources list.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
service
string required
Service of the targets to retrieve. Must be `VPS` or `DedicatedServer`.
params
object
Optional HTTP URL parameters
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$puppetDBSDConfigs []object
PuppetDBSDConfigs defines a list of PuppetDB service discovery configurations.
authorization object
Optional `authorization` HTTP header configuration.
Cannot be set at the same time as `basicAuth`, or `oauth2`.
credentials object
Selects a key of a Secret in the namespace that contains the credentials for authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
type
string
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
basicAuth object
Optional HTTP basic authentication information.
Cannot be set at the same time as `authorization`, or `oauth2`.
password object
`password` specifies a key of a Secret containing the password for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
username object
`username` specifies a key of a Secret containing the username for
authentication.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
enableHTTP2
boolean
Configure whether to enable HTTP2.
followRedirects
boolean
Configure whether the HTTP requests should follow HTTP 3xx redirects.
includeParameters
boolean
Whether to include the parameters as meta labels.
Note: Enabling this exposes parameters in the Prometheus UI and API. Make sure
that you don't have secrets exposed as parameters if you enable this.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
oauth2 object
Optional OAuth2.0 configuration.
Cannot be set at the same time as `basicAuth`, or `authorization`.
clientId object required
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
clientSecret object required
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
endpointParams
object
`endpointParams` configures the HTTP parameters to append to the token
URL.
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
scopes
[]string
`scopes` defines the OAuth2 scopes used for the token request.
tlsConfig object
TLS configuration to use when connecting to the OAuth2 server.
It requires Prometheus >= v2.43.0.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
tokenUrl
string required
`tokenURL` configures the URL to fetch the token from.
minLength:
1
port
integer
Port to scrape the metrics from.
format:
int32minimum:
0maximum:
65535
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
query
string required
Puppet Query Language (PQL) query. Only resources are supported.
https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html
minLength:
1
refreshInterval
string
Refresh interval to re-read the list of resources.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$tlsConfig object
TLS configuration to connect to the Puppet DB.
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
url
string required
The URL of the PuppetDB root query endpoint.
pattern:
^http(s)?://.+$minLength:
1relabelings []object
RelabelConfigs defines how to rewrite the target's labels before scraping.
Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
The original scrape job's name is available via the `__tmp_prometheus_job_name` label.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
minItems:
1
action
string
Action to perform based on the regex matching.
`Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
`DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
Default: "Replace"
enum:
enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKe...
replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase, keepequal, KeepEqual, dropequal, DropEqual
modulus
integer
Modulus to take of the hash of the source label values.
Only applicable when the action is `HashMod`.
format:
int64
regex
string
Regular expression against which the extracted value is matched.
replacement
string
Replacement value against which a Replace action is performed if the
regular expression matches.
Regex capture groups are available.
separator
string
Separator is the string between concatenated SourceLabels.
sourceLabels
[]string
The source labels select values from existing labels. Their content is
concatenated using the configured Separator and matched against the
configured regular expression.
targetLabel
string
Label to which the resulting string is written in a replacement.
It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
`KeepEqual` and `DropEqual` actions.
Regex capture groups are available.
sampleLimit
integer
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
format:
int64scalewaySDConfigs []object
ScalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations.
accessKey
string required
Access key to use. https://console.scaleway.com/project/credentials
minLength:
1
apiURL
string
API URL to use when doing the server listing requests.
pattern:
^http(s)?://.+$
enableHTTP2
boolean
Whether to enable HTTP2.
followRedirects
boolean
Configure whether HTTP requests follow HTTP 3xx redirects.
nameFilter
string
NameFilter specify a name filter (works as a LIKE) to apply on the server listing request.
minLength:
1
noProxy
string
`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
that should be excluded from proxying. IP and domain names can
contain port numbers.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
port
integer
The port to scrape metrics from.
format:
int32minimum:
0maximum:
65535
projectID
string required
Project ID of the targets.
minLength:
1
proxyConnectHeader
object
ProxyConnectHeader optionally specifies headers to send to
proxies during CONNECT requests.
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyFromEnvironment
boolean
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0.
proxyUrl
string
`proxyURL` defines the HTTP proxy server to use.
pattern:
^(http|https|socks5)://.+$
refreshInterval
string
Refresh interval to re-read the list of instances.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
role
string required
Service of the targets to retrieve. Must be `Instance` or `Baremetal`.
enum:
Instance, BaremetalsecretKey object required
Secret key to use when listing targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
tagsFilter
[]string
TagsFilter specify a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request.
minItems:
1tlsConfig object
TLS configuration to use on every scrape request
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
zone
string
Zone is the availability zone of your targets (e.g. fr-par-1).
minLength:
1
scheme
string
Configures the protocol scheme used for requests.
If empty, Prometheus uses HTTP by default.
enum:
HTTP, HTTPS
scrapeClass
string
The scrape class to apply.
minLength:
1
scrapeClassicHistograms
boolean
Whether to scrape a classic histogram that is also exposed as a native histogram.
It requires Prometheus >= v2.45.0.
Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration.
scrapeInterval
string
ScrapeInterval is the interval between consecutive scrapes.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
scrapeProtocols
[]string
The protocols to negotiate during a scrape. It tells clients the
protocols supported by Prometheus in order of preference (from most to least preferred).
If unset, Prometheus uses its default value.
It requires Prometheus >= v2.49.0.
minItems:
1
scrapeTimeout
string
ScrapeTimeout is the number of seconds to wait until a scrape request times out.
The value cannot be greater than the scrape interval otherwise the operator will reject the resource.
pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$staticConfigs []object
StaticConfigs defines a list of static targets with a common label set.
labels
object
Labels assigned to all metrics scraped from the targets.
targets
[]string required
List of targets for this static configuration.
minItems:
1
targetLimit
integer
TargetLimit defines a limit on the number of scraped targets that will be accepted.
format:
int64tlsConfig object
TLS configuration to use on every scrape request
ca object
Certificate authority used when verifying server certificates.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
cert object
Client certificate to present when doing client-authentication.
configMap object
ConfigMap containing data to use for the targets.
key
string required
The key to select.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the ConfigMap or its key must be defined
secret object
Secret containing data to use for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
insecureSkipVerify
boolean
Disable target certificate validation.
keySecret object
Secret containing the client key file for the targets.
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
maxVersion
string
Maximum acceptable TLS version.
It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0.
enum:
TLS10, TLS11, TLS12, TLS13
minVersion
string
Minimum acceptable TLS version.
It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0.
enum:
TLS10, TLS11, TLS12, TLS13
serverName
string
Used to verify the hostname for the targets.
trackTimestampsStaleness
boolean
TrackTimestampsStaleness whether Prometheus tracks staleness of
the metrics that have an explicit timestamp present in scraped data.
Has no effect if `honorTimestamps` is false.
It requires Prometheus >= v2.48.0.
No matches. Try .spec.authorization for an exact path