mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-11-23 04:21:12 +01:00
Automatic update operator docs from VictoriaMetrics/operator@f8ca70f (#7444)
Some checks are pending
build / Build (push) Waiting to run
CodeQL Go / Analyze (push) Waiting to run
main / lint (push) Waiting to run
main / test (test-full) (push) Blocked by required conditions
main / test (test-full-386) (push) Blocked by required conditions
main / test (test-pure) (push) Blocked by required conditions
publish-docs / Build (push) Waiting to run
Some checks are pending
build / Build (push) Waiting to run
CodeQL Go / Analyze (push) Waiting to run
main / lint (push) Waiting to run
main / test (test-full) (push) Blocked by required conditions
main / test (test-full-386) (push) Blocked by required conditions
main / test (test-pure) (push) Blocked by required conditions
publish-docs / Build (push) Waiting to run
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action Signed-off-by: Github Actions <133988544+victoriametrics-bot@users.noreply.github.com> Co-authored-by: f41gh7 <18450869+f41gh7@users.noreply.github.com>
This commit is contained in:
parent
74a9c6f91c
commit
fa7adcaeaf
@ -11,6 +11,21 @@ aliases:
|
||||
- /operator/changelog/index.html
|
||||
---
|
||||
|
||||
## tip
|
||||
|
||||
## [v0.49.0](https://github.com/VictoriaMetrics/operator/releases/tag/v0.49.0) - 15 Oct 2024
|
||||
|
||||
- [operator](https://docs.victoriametrics.com/operator/): properly apply `useStrictSecurity: true` to the `initContainers` for `VMAuth`, `VMAgent` and `VMAlertmanager`. See [this issue](https://github.com/VictoriaMetrics/operator/issues/1134) for details.
|
||||
- [vmauth](https://docs.victoriametrics.com/operator/resources/vmauth): Moved `spec.configSecret` to `spec.externalConfig.secretRef.name` and added `spec.externalConfig.localPath` to be able to provide custom configs via sidecar.
|
||||
- [vmcluster](https://docs.victoriametrics.com/operator/resources/vmcluster): adds `requestsLoadBalancer` configuration to the `VMCluster.spec`. See [this issue](https://github.com/VictoriaMetrics/operator/issues/1130) for details.
|
||||
- [vmcluster](https://docs.victoriametrics.com/operator/resources/vmcluster): properly configure monitoring for `VMCluster` with enabled `backup`.
|
||||
- [vmalertmanager](https://docs.victoriametrics.com/operator/resources/vmalertmanager): properly trigger reload when `ConfigMap` provided via `.spec.configMap` are changed.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): fixed operator reconcile on storage size change
|
||||
- [operator](https://docs.victoriametrics.com/operator/): fixed converting AlertmanagerConfig to VMAlertmanagerConfig
|
||||
- [vmoperator](https://docs.victoriametrics.com/operator/): bump default version of VictoriaMetrics components to [1.106.0](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.106.6).
|
||||
|
||||
|
||||
|
||||
## [v0.48.4](https://github.com/VictoriaMetrics/operator/releases/tag/v0.48.4) - 15 Oct 2024
|
||||
|
||||
- [api](https://docs.victoriametrics.com/operator/api): adds new fields `maxDiskUsagePerUrl` and`forceVMProto` to the `VMagent` `remoteWriteSpec`
|
||||
@ -51,7 +66,7 @@ aliases:
|
||||
- [vmsingle/vlogs](https://docs.victoriametrics.com/operator/resources): makes better compatible with argo-cd by adding ownerReference to PersistentVolumeClaim. See this [issue](https://github.com/VictoriaMetrics/operator/issues/1091) for details.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): reduces reconcile latency. See this [commit](2a9d09d0131cc10a0f9e32f0e2e054687ada78f7) for details.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): reduces load on kubernetes api-server. See this commits: [commit-0](a0145b8a89dd5bb9051f8d4359b6a70c1d1a95ce), [commit-1](e2fbbd3e37146670f656d700ad0f64b2c299b0a0), [commit-2](184ba19a5f1d10dc2ac1bf018b2729f64e2a8c25).
|
||||
- [operator](https://docs.victoriametrics.com/operator/): enables client cache back for `secrets` and `configmaps`. Adds new flag `-controller.disableCacheFor=secret,configmap` to disable it if needed.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): enables client cache back for `secrets` and `configmaps`. Adds new flag `-controller.disableCacheFor=seccret,configmap` to disable it if needed.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): made webhook port configurable. See [this issue](https://github.com/VictoriaMetrics/operator/issues/1106) for details.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): operator trims spaces from `Secret` and `Configmap` values by default. This behaviour could be changed with flag `disableSecretKeySpaceTrim`. Related [issue](https://github.com/VictoriaMetrics/VictoriaMetrics/issues/6986).
|
||||
- [operator](#https://docs.victoriametrics.com/operator/): expose again only command-line flags related to the operator. Release [v0.45.0](https://github.com/VictoriaMetrics/operator/releases/tag/v0.45.0) added regression with incorrectly exposed flags.
|
||||
@ -148,7 +163,7 @@ aliases:
|
||||
|
||||
- [operator](#https://docs.victoriametrics.com/operator/): expose only command-line flags related to the operator. Remove all transitive dependency flags. See this [issue](https://github.com/VictoriaMetrics/operator/issues/963) for details.
|
||||
- [vmalertmanager](https://docs.victoriametrics.com/operator/api#vmalertmanager): ignores content of `cr.spec.configSecret` if it's name clashes with secret used by operator for storing alertmanager config. See this [issue](https://github.com/VictoriaMetrics/operator/issues/954) for details.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): remove finalizer for child objects with non-empty `DeletionTimestamp`. See this [issue](https://github.com/VictoriaMetrics/operator/issues/953) for details.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): remove finalizer for child objects with non-empty `DeletetionTimestamp`. See this [issue](https://github.com/VictoriaMetrics/operator/issues/953) for details.
|
||||
- [operator](https://docs.victoriametrics.com/operator/): skip storageClass check if there is no PVC size change. See this [issue](https://github.com/VictoriaMetrics/operator/issues/957) for details.
|
||||
- [vmauth](https://docs.victoriametrics.com/operator/api#vmauth): fix url when default http port is changed in targetRef. See this [issue](https://github.com/VictoriaMetrics/operator/issues/960) for details.
|
||||
- [vmauth](https://docs.victoriametrics.com/operator/api#vmauth): fix deployment when custom reloader is used. See [this pull request](https://github.com/VictoriaMetrics/operator/pull/964).
|
||||
|
@ -78,6 +78,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -352,6 +353,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -426,6 +428,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -651,7 +654,7 @@ _Appears in:_
|
||||
| --- | --- | --- | --- |
|
||||
| `auth_identity` | The identity to use for authentication. | _string_ | false |
|
||||
| `auth_password` | AuthPassword defines secret name and key at CRD namespace. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
|
||||
| `auth_secret` | AuthSecret defines secret name and key at CRD namespace.<br />It must contain the CRAM-MD5 secret. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
|
||||
| `auth_secret` | AuthSecret defines secrent name and key at CRD namespace.<br />It must contain the CRAM-MD5 secret. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
|
||||
| `auth_username` | The username to use for authentication. | _string_ | false |
|
||||
| `from` | The sender address.<br />fallback to global setting if empty | _string_ | false |
|
||||
| `headers` | Further headers email header key/value pairs. Overrides any headers<br />previously set by the notification implementation. | _object (keys:string, values:string)_ | true |
|
||||
@ -727,6 +730,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -770,6 +774,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -797,6 +802,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -931,6 +937,23 @@ _Appears in:_
|
||||
| `vm_scrape_params` | VMScrapeParams defines VictoriaMetrics specific scrape parameters | _[VMScrapeParams](#vmscrapeparams)_ | false |
|
||||
|
||||
|
||||
#### ExternalConfig
|
||||
|
||||
|
||||
|
||||
ExternalConfig defines external source of configuration
|
||||
|
||||
|
||||
|
||||
_Appears in:_
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
|
||||
| Field | Description | Scheme | Required |
|
||||
| --- | --- | --- | --- |
|
||||
| `localPath` | LocalPath contains static path to a config, which is managed externally for cases<br />when using secrets is not applicable, e.g.: Vault sidecar. | _string_ | false |
|
||||
| `secretRef` | SecretRef defines selector for externally managed secret which contains configuration | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
|
||||
|
||||
|
||||
#### FileSDConfig
|
||||
|
||||
|
||||
@ -1068,6 +1091,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMBackup](#vmbackup)
|
||||
- [VMInsert](#vminsert)
|
||||
@ -1744,6 +1768,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
@ -2091,7 +2116,7 @@ _Appears in:_
|
||||
|
||||
| Field | Description | Scheme | Required |
|
||||
| --- | --- | --- | --- |
|
||||
| `ca` | Struct containing the CA cert to use for the targets. | _[SecretOrConfigMap](#secretorconfigmap)_ | false |
|
||||
| `ca` | Stuct containing the CA cert to use for the targets. | _[SecretOrConfigMap](#secretorconfigmap)_ | false |
|
||||
| `caFile` | Path to the CA cert in the container to use for the targets. | _string_ | false |
|
||||
| `cert` | Struct containing the client cert file for the targets. | _[SecretOrConfigMap](#secretorconfigmap)_ | false |
|
||||
| `certFile` | Path to the client cert file in the container for the targets. | _string_ | false |
|
||||
@ -3003,6 +3028,82 @@ VMAuth is the Schema for the vmauths API
|
||||
| `spec` | | _[VMAuthSpec](#vmauthspec)_ | true |
|
||||
|
||||
|
||||
#### VMAuthLoadBalancer
|
||||
|
||||
|
||||
|
||||
VMAuthLoadBalancer configures vmauth as a load balancer
|
||||
for the requests
|
||||
|
||||
|
||||
|
||||
_Appears in:_
|
||||
- [VMClusterSpec](#vmclusterspec)
|
||||
|
||||
| Field | Description | Scheme | Required |
|
||||
| --- | --- | --- | --- |
|
||||
| `disableInsertBalancing` | | _boolean_ | true |
|
||||
| `disableSelectBalancing` | | _boolean_ | true |
|
||||
| `enabled` | | _boolean_ | true |
|
||||
| `spec` | | _[VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)_ | true |
|
||||
|
||||
|
||||
#### VMAuthLoadBalancerSpec
|
||||
|
||||
|
||||
|
||||
VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer
|
||||
for VMCluster component
|
||||
|
||||
|
||||
|
||||
_Appears in:_
|
||||
- [VMAuthLoadBalancer](#vmauthloadbalancer)
|
||||
|
||||
| Field | Description | Scheme | Required |
|
||||
| --- | --- | --- | --- |
|
||||
| `affinity` | Affinity If specified, the pod's scheduling constraints. | _[Affinity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#affinity-v1-core)_ | false |
|
||||
| `configMaps` | ConfigMaps is a list of ConfigMaps in the same namespace as the Application<br />object, which shall be mounted into the Application container<br />at /etc/vm/configs/CONFIGMAP_NAME folder | _string array_ | false |
|
||||
| `containers` | Containers property allows to inject additions sidecars or to patch existing containers.<br />It can be useful for proxies, backup, etc. | _[Container](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#container-v1-core) array_ | false |
|
||||
| `disableSelfServiceScrape` | DisableSelfServiceScrape controls creation of VMServiceScrape by operator<br />for the application.<br />Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable | _boolean_ | false |
|
||||
| `dnsConfig` | Specifies the DNS parameters of a pod.<br />Parameters specified here will be merged to the generated DNS<br />configuration based on DNSPolicy. | _[PodDNSConfig](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core)_ | false |
|
||||
| `dnsPolicy` | DNSPolicy sets DNS policy for the pod | _[DNSPolicy](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#dnspolicy-v1-core)_ | false |
|
||||
| `extraArgs` | ExtraArgs that will be passed to the application container<br />for example remoteWrite.tmpDataPath: /tmp | _object (keys:string, values:string)_ | false |
|
||||
| `extraEnvs` | ExtraEnvs that will be passed to the application container | _[EnvVar](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#envvar-v1-core) array_ | false |
|
||||
| `hostAliases` | HostAliases provides mapping for ip and hostname,<br />that would be propagated to pod,<br />cannot be used with HostNetwork. | _[HostAlias](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#hostalias-v1-core) array_ | false |
|
||||
| `hostNetwork` | HostNetwork controls whether the pod may use the node network namespace | _boolean_ | false |
|
||||
| `host_aliases` | HostAliasesUnderScore provides mapping for ip and hostname,<br />that would be propagated to pod,<br />cannot be used with HostNetwork.<br />Has Priority over hostAliases field | _[HostAlias](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#hostalias-v1-core) array_ | false |
|
||||
| `image` | Image - docker image settings<br />if no specified operator uses default version from operator config | _[Image](#image)_ | false |
|
||||
| `imagePullSecrets` | ImagePullSecrets An optional list of references to secrets in the same namespace<br />to use for pulling images from registries<br />see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod | _[LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#localobjectreference-v1-core) array_ | false |
|
||||
| `initContainers` | InitContainers allows adding initContainers to the pod definition.<br />Any errors during the execution of an initContainer will lead to a restart of the Pod.<br />More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ | _[Container](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#container-v1-core) array_ | false |
|
||||
| `logFormat` | LogFormat for vmauth<br />default or json | _string_ | false |
|
||||
| `logLevel` | LogLevel for vmauth container. | _string_ | false |
|
||||
| `minReadySeconds` | MinReadySeconds defines a minim number os seconds to wait before starting update next pod<br />if previous in healthy state<br />Has no effect for VLogs and VMSingle | _integer_ | false |
|
||||
| `nodeSelector` | NodeSelector Define which Nodes the Pods are scheduled on. | _object (keys:string, values:string)_ | false |
|
||||
| `paused` | Paused If set to true all actions on the underlying managed objects are not<br />going to be performed, except for delete actions. | _boolean_ | false |
|
||||
| `podDisruptionBudget` | PodDisruptionBudget created by operator | _[EmbeddedPodDisruptionBudgetSpec](#embeddedpoddisruptionbudgetspec)_ | false |
|
||||
| `podMetadata` | Common params for scheduling<br />PodMetadata configures Labels and Annotations which are propagated to the vmauth lb pods. | _[EmbeddedObjectMetadata](#embeddedobjectmetadata)_ | true |
|
||||
| `port` | Port listen address | _string_ | false |
|
||||
| `priorityClassName` | PriorityClassName class assigned to the Pods | _string_ | false |
|
||||
| `readinessGates` | ReadinessGates defines pod readiness gates | _[PodReadinessGate](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#podreadinessgate-v1-core) array_ | true |
|
||||
| `replicaCount` | ReplicaCount is the expected size of the Application. | _integer_ | false |
|
||||
| `resources` | Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/<br />if not defined default resources from operator config will be used | _[ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#resourcerequirements-v1-core)_ | false |
|
||||
| `revisionHistoryLimitCount` | The number of old ReplicaSets to retain to allow rollback in deployment or<br />maximum number of revisions that will be maintained in the Deployment revision history.<br />Has no effect at StatefulSets<br />Defaults to 10. | _integer_ | false |
|
||||
| `runtimeClassName` | RuntimeClassName - defines runtime class for kubernetes pod.<br />https://kubernetes.io/docs/concepts/containers/runtime-class/ | _string_ | false |
|
||||
| `schedulerName` | SchedulerName - defines kubernetes scheduler name | _string_ | false |
|
||||
| `secrets` | Secrets is a list of Secrets in the same namespace as the Application<br />object, which shall be mounted into the Application container<br />at /etc/vm/secrets/SECRET_NAME folder | _string array_ | false |
|
||||
| `securityContext` | SecurityContext holds pod-level security attributes and common container settings.<br />This defaults to the default PodSecurityContext. | _[SecurityContext](#securitycontext)_ | false |
|
||||
| `serviceScrapeSpec` | ServiceScrapeSpec that will be added to vmauthlb VMServiceScrape spec | _[VMServiceScrapeSpec](#vmservicescrapespec)_ | false |
|
||||
| `serviceSpec` | AdditionalServiceSpec defines service override configuration for vmauth lb deployment<br />it'll be only applied to vmclusterlb- service | _[AdditionalServiceSpec](#additionalservicespec)_ | true |
|
||||
| `terminationGracePeriodSeconds` | TerminationGracePeriodSeconds period for container graceful termination | _integer_ | false |
|
||||
| `tolerations` | Tolerations If specified, the pod's tolerations. | _[Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#toleration-v1-core) array_ | false |
|
||||
| `topologySpreadConstraints` | TopologySpreadConstraints embedded kubernetes pod configuration option,<br />controls how pods are spread across your cluster among failure-domains<br />such as regions, zones, nodes, and other user-defined topology domains<br />https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ | _[TopologySpreadConstraint](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#topologyspreadconstraint-v1-core) array_ | false |
|
||||
| `useDefaultResources` | UseDefaultResources controls resource settings<br />By default, operator sets built-in resource requirements | _boolean_ | false |
|
||||
| `useStrictSecurity` | UseStrictSecurity enables strict security mode for component<br />it restricts disk writes access<br />uses non-root user out of the box<br />drops not needed security permissions | _boolean_ | false |
|
||||
| `volumeMounts` | VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition.<br />VolumeMounts specified will be appended to other VolumeMounts in the Application container | _[VolumeMount](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#volumemount-v1-core) array_ | false |
|
||||
| `volumes` | Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition.<br />Volumes specified will be appended to other volumes that are generated.<br />/ +optional | _[Volume](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#volume-v1-core) array_ | true |
|
||||
|
||||
|
||||
#### VMAuthSpec
|
||||
|
||||
|
||||
@ -3021,7 +3122,7 @@ _Appears in:_
|
||||
| `configReloaderExtraArgs` | ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container<br />for example resyncInterval: "30s" | _object (keys:string, values:string)_ | false |
|
||||
| `configReloaderImageTag` | ConfigReloaderImageTag defines image:tag for config-reloader container | _string_ | false |
|
||||
| `configReloaderResources` | ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/<br />if not defined default resources from operator config will be used | _[ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#resourcerequirements-v1-core)_ | false |
|
||||
| `configSecret` | ConfigSecret is the name of a Kubernetes Secret in the same namespace as the<br />VMAuth object, which contains auth configuration for vmauth,<br />configuration must be inside secret key: config.yaml.<br />It must be created and managed manually.<br />If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders | _string_ | false |
|
||||
| `configSecret` | ConfigSecret is the name of a Kubernetes Secret in the same namespace as the<br />VMAuth object, which contains auth configuration for vmauth,<br />configuration must be inside secret key: config.yaml.<br />It must be created and managed manually.<br />If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders<br />Deprecated, use externalConfig.secretRef instead | _string_ | true |
|
||||
| `containers` | Containers property allows to inject additions sidecars or to patch existing containers.<br />It can be useful for proxies, backup, etc. | _[Container](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#container-v1-core) array_ | false |
|
||||
| `default_url` | DefaultURLs backend url for non-matching paths filter<br />usually used for default backend with error message | _string array_ | true |
|
||||
| `disableSelfServiceScrape` | DisableSelfServiceScrape controls creation of VMServiceScrape by operator<br />for the application.<br />Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable | _boolean_ | false |
|
||||
@ -3029,6 +3130,7 @@ _Appears in:_
|
||||
| `dnsConfig` | Specifies the DNS parameters of a pod.<br />Parameters specified here will be merged to the generated DNS<br />configuration based on DNSPolicy. | _[PodDNSConfig](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core)_ | false |
|
||||
| `dnsPolicy` | DNSPolicy sets DNS policy for the pod | _[DNSPolicy](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#dnspolicy-v1-core)_ | false |
|
||||
| `drop_src_path_prefix_parts` | DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.<br />See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. | _integer_ | false |
|
||||
| `externalConfig` | ExternalConfig defines a source of external VMAuth configuration.<br />If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders | _[ExternalConfig](#externalconfig)_ | false |
|
||||
| `extraArgs` | ExtraArgs that will be passed to the application container<br />for example remoteWrite.tmpDataPath: /tmp | _object (keys:string, values:string)_ | false |
|
||||
| `extraEnvs` | ExtraEnvs that will be passed to the application container | _[EnvVar](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#envvar-v1-core) array_ | false |
|
||||
| `headers` | Headers represent additional http headers, that vmauth uses<br />in form of ["header_key: header_value"]<br />multiple values for header key:<br />["header_key: value1,value2"]<br />it's available since 1.68.0 version of vmauth | _string array_ | false |
|
||||
@ -3157,6 +3259,7 @@ _Appears in:_
|
||||
| `license` | License allows to configure license key to be used for enterprise features.<br />Using license key is supported starting from VictoriaMetrics v1.94.0.<br />See [here](https://docs.victoriametrics.com/enterprise) | _[License](#license)_ | false |
|
||||
| `paused` | Paused If set to true all actions on the underlying managed objects are not<br />going to be performed, except for delete actions. | _boolean_ | false |
|
||||
| `replicationFactor` | ReplicationFactor defines how many copies of data make among<br />distinct storage nodes | _integer_ | false |
|
||||
| `requestsLoadBalancer` | RequestsLoadBalancer configures load-balancing for vminsert and vmselect requests<br />it helps to evenly spread load across pods<br />usually it's not possible with kubernetes TCP based service | _[VMAuthLoadBalancer](#vmauthloadbalancer)_ | true |
|
||||
| `retentionPeriod` | RetentionPeriod for the stored metrics<br />Note VictoriaMetrics has data/ and indexdb/ folders<br />metrics from data/ removed eventually as soon as partition leaves retention period<br />reverse index data at indexdb rotates once at the half of configured<br />[retention period](https://docs.victoriametrics.com/Single-server-VictoriaMetrics/#retention) | _string_ | true |
|
||||
| `serviceAccountName` | ServiceAccountName is the name of the ServiceAccount to use to run the<br />VMSelect, VMStorage and VMInsert Pods. | _string_ | false |
|
||||
| `useStrictSecurity` | UseStrictSecurity enables strict security mode for component<br />it restricts disk writes access<br />uses non-root user out of the box<br />drops not needed security permissions | _boolean_ | false |
|
||||
@ -3704,6 +3807,7 @@ _Appears in:_
|
||||
- [VMAgentSpec](#vmagentspec)
|
||||
- [VMAlertSpec](#vmalertspec)
|
||||
- [VMAlertmanagerSpec](#vmalertmanagerspec)
|
||||
- [VMAuthLoadBalancerSpec](#vmauthloadbalancerspec)
|
||||
- [VMAuthSpec](#vmauthspec)
|
||||
- [VMInsert](#vminsert)
|
||||
- [VMSelect](#vmselect)
|
||||
|
@ -344,7 +344,7 @@ spec:
|
||||
After enabling enterprise version you can use [Multitenancy](https://docs.victoriametrics.com/vmalert#multitenancy)
|
||||
feature in `VMAlert`.
|
||||
|
||||
For that you need to set `clusterMode` command-line flag
|
||||
For that you need to set `clusterMode` commad-line flag
|
||||
with [extraArgs](./#extra-arguments)
|
||||
and specify `tenant` field for groups
|
||||
in [VMRule](https://docs.victoriametrics.com/operator/resources/vmrule#enterprise-features):
|
||||
|
@ -43,6 +43,44 @@ see [Extra arguments section](./#extra-arguments).
|
||||
|
||||
Also, you can check out the [examples](#examples) section.
|
||||
|
||||
## Requests Load-Balancing
|
||||
|
||||
Operator provides enhanced load-balancing mechanism for `vminsert` and `vmselect` clients. By default, operator uses built-in Kubernetes [service]() with `clusterIP` type for clients connection. It's good solution for short lived connections. But it acts poorly with long-lived TCP sessions and leads to the uneven resources utilisation for `vmselect` and `vminsert` components.
|
||||
|
||||
Consider the following example:
|
||||
|
||||
![CR](vmcluster_default_balancer.webp)
|
||||
|
||||
In this case clients could establish multiple connections to the same `pod` via `service`. And client requests will be served only by subset of `pods`.
|
||||
|
||||
Operator allows to tweak this behaviour with enabled `requestsLoadbalacing`:
|
||||
|
||||
```yaml
|
||||
apiVersion: operator.victoriametrics.com/v1beta1
|
||||
kind: VMCluster
|
||||
metadata:
|
||||
name: with-balanacer
|
||||
spec:
|
||||
retentionPeriod: "4"
|
||||
replicationFactor: 1
|
||||
requestsLoadBalancer:
|
||||
enabled: true
|
||||
spec:
|
||||
replicaCount: 2
|
||||
```
|
||||
|
||||
Operator will deploy `VMAuth` deployment with 2 replicas. And update vminsert and vmselect services to point to `vmauth`.
|
||||
In addition, operator will create 3 additional services with the following pattern:
|
||||
|
||||
- vminsertinternal-CLUSTER_NAME - needed for vmselect pod discovery
|
||||
- vmselectinternal-CLUSTER_NAME - needed for vminsert pod discovery
|
||||
- vmclusterlb-CLUSTER_NAME - needed for metrics collection and exposing `vmselect` and `vminsert` components via `VMAuth` balancer.
|
||||
|
||||
Network scheme with load-balancing:
|
||||
![CR](vmcluster_with_balancer.webp)
|
||||
|
||||
Operator allows to customise load-balancing configuration with `requestsLoadBalancer.Spec` settings.
|
||||
|
||||
## High availability
|
||||
|
||||
The cluster version provides a full set of high availability features - metrics replication, node failover, horizontal scaling.
|
||||
|
BIN
docs/operator/resources/vmcluster_default_balancer.webp
Normal file
BIN
docs/operator/resources/vmcluster_default_balancer.webp
Normal file
Binary file not shown.
After Width: | Height: | Size: 24 KiB |
BIN
docs/operator/resources/vmcluster_with_balancer.webp
Normal file
BIN
docs/operator/resources/vmcluster_with_balancer.webp
Normal file
Binary file not shown.
After Width: | Height: | Size: 36 KiB |
@ -10,14 +10,14 @@ aliases:
|
||||
- /operator/vars/index.html
|
||||
---
|
||||
<!-- this doc autogenerated - don't edit it manually -->
|
||||
updated at Mon Oct 21 21:47:16 UTC 2024
|
||||
updated at Tue Nov 5 17:35:31 UTC 2024
|
||||
|
||||
|
||||
| variable name | variable default value | variable required | variable description |
|
||||
| --- | --- | --- | --- |
|
||||
| VM_USECUSTOMCONFIGRELOADER | false | false | enables custom config reloader for vmauth and vmagent, it should speed-up config reloading process. |
|
||||
| VM_CONTAINERREGISTRY | - | false | container registry name prefix, e.g. docker.io |
|
||||
| VM_CUSTOMCONFIGRELOADERIMAGE | victoriametrics/operator:config-reloader-v0.48.2 | false | - |
|
||||
| VM_CUSTOMCONFIGRELOADERIMAGE | victoriametrics/operator:config-reloader-v0.48.4 | false | - |
|
||||
| VM_PSPAUTOCREATEENABLED | false | false | - |
|
||||
| VM_VLOGSDEFAULT_IMAGE | victoriametrics/victoria-logs | false | - |
|
||||
| VM_VLOGSDEFAULT_VERSION | v0.32.0-victorialogs | false | - |
|
||||
@ -31,7 +31,7 @@ aliases:
|
||||
| VM_VLOGSDEFAULT_CONFIGRELOADERCPU | - | false | ignored |
|
||||
| VM_VLOGSDEFAULT_CONFIGRELOADERMEMORY | - | false | ignored |
|
||||
| VM_VMALERTDEFAULT_IMAGE | victoriametrics/vmalert | false | - |
|
||||
| VM_VMALERTDEFAULT_VERSION | v1.105.0 | false | - |
|
||||
| VM_VMALERTDEFAULT_VERSION | v1.106.0 | false | - |
|
||||
| VM_VMALERTDEFAULT_CONFIGRELOADIMAGE | jimmidyson/configmap-reload:v0.3.0 | false | - |
|
||||
| VM_VMALERTDEFAULT_PORT | 8080 | false | - |
|
||||
| VM_VMALERTDEFAULT_USEDEFAULTRESOURCES | true | false | - |
|
||||
@ -42,7 +42,7 @@ aliases:
|
||||
| VM_VMALERTDEFAULT_CONFIGRELOADERCPU | 100m | false | - |
|
||||
| VM_VMALERTDEFAULT_CONFIGRELOADERMEMORY | 25Mi | false | - |
|
||||
| VM_VMAGENTDEFAULT_IMAGE | victoriametrics/vmagent | false | - |
|
||||
| VM_VMAGENTDEFAULT_VERSION | v1.105.0 | false | - |
|
||||
| VM_VMAGENTDEFAULT_VERSION | v1.106.0 | false | - |
|
||||
| VM_VMAGENTDEFAULT_CONFIGRELOADIMAGE | quay.io/prometheus-operator/prometheus-config-reloader:v0.68.0 | false | - |
|
||||
| VM_VMAGENTDEFAULT_PORT | 8429 | false | - |
|
||||
| VM_VMAGENTDEFAULT_USEDEFAULTRESOURCES | true | false | - |
|
||||
@ -53,7 +53,7 @@ aliases:
|
||||
| VM_VMAGENTDEFAULT_CONFIGRELOADERCPU | 100m | false | - |
|
||||
| VM_VMAGENTDEFAULT_CONFIGRELOADERMEMORY | 25Mi | false | - |
|
||||
| VM_VMSINGLEDEFAULT_IMAGE | victoriametrics/victoria-metrics | false | - |
|
||||
| VM_VMSINGLEDEFAULT_VERSION | v1.105.0 | false | - |
|
||||
| VM_VMSINGLEDEFAULT_VERSION | v1.106.0 | false | - |
|
||||
| VM_VMSINGLEDEFAULT_CONFIGRELOADIMAGE | - | false | ignored |
|
||||
| VM_VMSINGLEDEFAULT_PORT | 8429 | false | - |
|
||||
| VM_VMSINGLEDEFAULT_USEDEFAULTRESOURCES | true | false | - |
|
||||
@ -65,14 +65,14 @@ aliases:
|
||||
| VM_VMSINGLEDEFAULT_CONFIGRELOADERMEMORY | - | false | ignored |
|
||||
| VM_VMCLUSTERDEFAULT_USEDEFAULTRESOURCES | true | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_IMAGE | victoriametrics/vmselect | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_VERSION | v1.105.0-cluster | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_VERSION | v1.106.0-cluster | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_PORT | 8481 | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_LIMIT_MEM | 1000Mi | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_LIMIT_CPU | 500m | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_REQUEST_MEM | 500Mi | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_REQUEST_CPU | 100m | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_IMAGE | victoriametrics/vmstorage | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VERSION | v1.105.0-cluster | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VERSION | v1.106.0-cluster | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VMINSERTPORT | 8400 | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VMSELECTPORT | 8401 | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_PORT | 8482 | false | - |
|
||||
@ -81,7 +81,7 @@ aliases:
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_RESOURCE_REQUEST_MEM | 500Mi | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_RESOURCE_REQUEST_CPU | 250m | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_IMAGE | victoriametrics/vminsert | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_VERSION | v1.105.0-cluster | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_VERSION | v1.106.0-cluster | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_PORT | 8480 | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_RESOURCE_LIMIT_MEM | 500Mi | false | - |
|
||||
| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_RESOURCE_LIMIT_CPU | 500m | false | - |
|
||||
@ -100,7 +100,7 @@ aliases:
|
||||
| VM_VMALERTMANAGER_RESOURCE_REQUEST_CPU | 30m | false | - |
|
||||
| VM_DISABLESELFSERVICESCRAPECREATION | false | false | - |
|
||||
| VM_VMBACKUP_IMAGE | victoriametrics/vmbackupmanager | false | - |
|
||||
| VM_VMBACKUP_VERSION | v1.105.0-enterprise | false | - |
|
||||
| VM_VMBACKUP_VERSION | v1.106.0-enterprise | false | - |
|
||||
| VM_VMBACKUP_PORT | 8300 | false | - |
|
||||
| VM_VMBACKUP_USEDEFAULTRESOURCES | true | false | - |
|
||||
| VM_VMBACKUP_RESOURCE_LIMIT_MEM | 500Mi | false | - |
|
||||
@ -108,7 +108,7 @@ aliases:
|
||||
| VM_VMBACKUP_RESOURCE_REQUEST_MEM | 200Mi | false | - |
|
||||
| VM_VMBACKUP_RESOURCE_REQUEST_CPU | 150m | false | - |
|
||||
| VM_VMAUTHDEFAULT_IMAGE | victoriametrics/vmauth | false | - |
|
||||
| VM_VMAUTHDEFAULT_VERSION | v1.105.0 | false | - |
|
||||
| VM_VMAUTHDEFAULT_VERSION | v1.106.0 | false | - |
|
||||
| VM_VMAUTHDEFAULT_CONFIGRELOADIMAGE | quay.io/prometheus-operator/prometheus-config-reloader:v0.68.0 | false | - |
|
||||
| VM_VMAUTHDEFAULT_PORT | 8427 | false | - |
|
||||
| VM_VMAUTHDEFAULT_USEDEFAULTRESOURCES | true | false | - |
|
||||
@ -131,9 +131,9 @@ aliases:
|
||||
| VM_FILTERPROMETHEUSCONVERTERLABELPREFIXES | - | false | allows filtering for converted labels, labels with matched prefix will be ignored |
|
||||
| VM_FILTERPROMETHEUSCONVERTERANNOTATIONPREFIXES | - | false | allows filtering for converted annotations, annotations with matched prefix will be ignored |
|
||||
| VM_CLUSTERDOMAINNAME | - | false | Defines domain name suffix for in-cluster addresses most known ClusterDomainName is .cluster.local |
|
||||
| VM_APPREADYTIMEOUT | 80s | false | Defines deadline for deployment/statefulset to transit into ready state to wait for transition to ready state |
|
||||
| VM_APPREADYTIMEOUT | 80s | false | Defines deadline for deploymnet/statefulset to transit into ready state to wait for transition to ready state |
|
||||
| VM_PODWAITREADYTIMEOUT | 80s | false | Defines single pod deadline to wait for transition to ready state |
|
||||
| VM_PODWAITREADYINTERVALCHECK | 5s | false | Defines poll interval for pods ready check at statefulset rollout update |
|
||||
| VM_FORCERESYNCINTERVAL | 60s | false | configures force resync interval for VMAgent, VMAlert, VMAlertmanager and VMAuth. |
|
||||
| VM_ENABLESTRICTSECURITY | false | false | EnableStrictSecurity will add default `securityContext` to pods and containers created by operator Default PodSecurityContext include: 1. RunAsNonRoot: true 2. RunAsUser/RunAsGroup/FSGroup: 65534 '65534' refers to 'nobody' in all the used default images like alpine, busybox. If you're using customize image, please make sure '65534' is a valid uid in there or specify SecurityContext. 3. FSGroupChangePolicy: &onRootMismatch If KubeVersion>=1.20, use `FSGroupChangePolicy="onRootMismatch"` to skip the recursive permission change when the root of the volume already has the correct permissions 4. SeccompProfile: type: RuntimeDefault Use `RuntimeDefault` seccomp profile by default, which is defined by the container runtime, instead of using the Unconfined (seccomp disabled) mode. Default container SecurityContext include: 1. AllowPrivilegeEscalation: false 2. ReadOnlyRootFilesystem: true 3. Capabilities: drop: - all turn off `EnableStrictSecurity` by default, see https://github.com/VictoriaMetrics/operator/issues/749 for details |
|
||||
[envconfig-sum]: f319004a92b62b1dad0c3e51323365dc
|
||||
[envconfig-sum]: 1633bf4709b7f1602ed6f44ebb3f2fa2
|
Loading…
Reference in New Issue
Block a user