├── .dockerignore
├── .github
├── CODEOWNERS
└── workflows
│ ├── close-pr.yaml
│ ├── crds.yaml
│ ├── docs.yaml
│ ├── main.yaml
│ ├── operatorhub.yaml
│ ├── release.yaml
│ └── sandbox.yaml
├── .gitignore
├── .golangci.yml
├── .trivyignore
├── CONTRIBUTING.md
├── Dockerfile
├── LICENSE
├── Makefile
├── PROJECT
├── README.md
├── api
├── client
│ ├── informers
│ │ └── externalversions
│ │ │ ├── factory.go
│ │ │ ├── generic.go
│ │ │ ├── internalinterfaces
│ │ │ └── factory_interfaces.go
│ │ │ └── operator
│ │ │ ├── interface.go
│ │ │ ├── v1
│ │ │ ├── interface.go
│ │ │ ├── vlcluster.go
│ │ │ └── vlsingle.go
│ │ │ └── v1beta1
│ │ │ ├── interface.go
│ │ │ ├── vlogs.go
│ │ │ ├── vmagent.go
│ │ │ ├── vmalert.go
│ │ │ ├── vmalertmanager.go
│ │ │ ├── vmalertmanagerconfig.go
│ │ │ ├── vmauth.go
│ │ │ ├── vmcluster.go
│ │ │ ├── vmnodescrape.go
│ │ │ ├── vmpodscrape.go
│ │ │ ├── vmprobe.go
│ │ │ ├── vmrule.go
│ │ │ ├── vmscrapeconfig.go
│ │ │ ├── vmservicescrape.go
│ │ │ ├── vmsingle.go
│ │ │ ├── vmstaticscrape.go
│ │ │ └── vmuser.go
│ ├── listers
│ │ └── operator
│ │ │ ├── v1
│ │ │ ├── expansion_generated.go
│ │ │ ├── vlcluster.go
│ │ │ └── vlsingle.go
│ │ │ └── v1beta1
│ │ │ ├── expansion_generated.go
│ │ │ ├── vlogs.go
│ │ │ ├── vmagent.go
│ │ │ ├── vmalert.go
│ │ │ ├── vmalertmanager.go
│ │ │ ├── vmalertmanagerconfig.go
│ │ │ ├── vmauth.go
│ │ │ ├── vmcluster.go
│ │ │ ├── vmnodescrape.go
│ │ │ ├── vmpodscrape.go
│ │ │ ├── vmprobe.go
│ │ │ ├── vmrule.go
│ │ │ ├── vmscrapeconfig.go
│ │ │ ├── vmservicescrape.go
│ │ │ ├── vmsingle.go
│ │ │ ├── vmstaticscrape.go
│ │ │ └── vmuser.go
│ └── versioned
│ │ ├── clientset.go
│ │ ├── fake
│ │ ├── clientset_generated.go
│ │ ├── doc.go
│ │ └── register.go
│ │ ├── scheme
│ │ ├── doc.go
│ │ └── register.go
│ │ └── typed
│ │ └── operator
│ │ ├── v1
│ │ ├── doc.go
│ │ ├── fake
│ │ │ ├── doc.go
│ │ │ ├── fake_operator_client.go
│ │ │ ├── fake_vlcluster.go
│ │ │ └── fake_vlsingle.go
│ │ ├── generated_expansion.go
│ │ ├── operator_client.go
│ │ ├── vlcluster.go
│ │ └── vlsingle.go
│ │ └── v1beta1
│ │ ├── doc.go
│ │ ├── fake
│ │ ├── doc.go
│ │ ├── fake_operator_client.go
│ │ ├── fake_vlogs.go
│ │ ├── fake_vmagent.go
│ │ ├── fake_vmalert.go
│ │ ├── fake_vmalertmanager.go
│ │ ├── fake_vmalertmanagerconfig.go
│ │ ├── fake_vmauth.go
│ │ ├── fake_vmcluster.go
│ │ ├── fake_vmnodescrape.go
│ │ ├── fake_vmpodscrape.go
│ │ ├── fake_vmprobe.go
│ │ ├── fake_vmrule.go
│ │ ├── fake_vmscrapeconfig.go
│ │ ├── fake_vmservicescrape.go
│ │ ├── fake_vmsingle.go
│ │ ├── fake_vmstaticscrape.go
│ │ └── fake_vmuser.go
│ │ ├── generated_expansion.go
│ │ ├── operator_client.go
│ │ ├── vlogs.go
│ │ ├── vmagent.go
│ │ ├── vmalert.go
│ │ ├── vmalertmanager.go
│ │ ├── vmalertmanagerconfig.go
│ │ ├── vmauth.go
│ │ ├── vmcluster.go
│ │ ├── vmnodescrape.go
│ │ ├── vmpodscrape.go
│ │ ├── vmprobe.go
│ │ ├── vmrule.go
│ │ ├── vmscrapeconfig.go
│ │ ├── vmservicescrape.go
│ │ ├── vmsingle.go
│ │ ├── vmstaticscrape.go
│ │ └── vmuser.go
├── go.mod
├── go.sum
└── operator
│ ├── v1
│ ├── common.go
│ ├── groupversion_info.go
│ ├── vlcluster_types.go
│ ├── vlsingle_types.go
│ └── zz_generated.deepcopy.go
│ └── v1beta1
│ ├── common_scrapeparams.go
│ ├── groupversion_info.go
│ ├── owner.go
│ ├── v1beta1_test.go
│ ├── vlogs_types.go
│ ├── vmagent_types.go
│ ├── vmagent_types_test.go
│ ├── vmalert_types.go
│ ├── vmalert_types_test.go
│ ├── vmalertmanager_types.go
│ ├── vmalertmanager_types_test.go
│ ├── vmalertmanagerconfig_test.go
│ ├── vmalertmanagerconfig_types.go
│ ├── vmalertmanagerconfig_types_test.go
│ ├── vmauth_types.go
│ ├── vmauth_types_test.go
│ ├── vmcluster_types.go
│ ├── vmcluster_types_test.go
│ ├── vmextra_types.go
│ ├── vmextra_types_test.go
│ ├── vmnodescrape_types.go
│ ├── vmpodscrape_types.go
│ ├── vmprobe_types.go
│ ├── vmrule_types.go
│ ├── vmrule_types_test.go
│ ├── vmscrapeconfig_types.go
│ ├── vmservicescrape_types.go
│ ├── vmsingle_types.go
│ ├── vmstaticscrape_types.go
│ ├── vmuser_types.go
│ ├── vmuser_types_test.go
│ └── zz_generated.deepcopy.go
├── cmd
├── config-reloader
│ ├── README.md
│ ├── file_watch.go
│ ├── k8s_watch.go
│ └── main.go
└── main.go
├── codespell
├── Dockerfile
├── Makefile
└── stopwords
├── config
├── alerting
│ └── vmoperator-rules.yaml
├── base-with-webhook
│ └── kustomization.yaml
├── base
│ └── kustomization.yaml
├── certmanager
│ ├── certificate-metrics.yaml
│ ├── certificate-webhook.yaml
│ ├── issuer.yaml
│ ├── kustomization.yaml
│ └── kustomizeconfig.yaml
├── crd
│ ├── kustomization.yaml
│ ├── kustomizeconfig.yaml
│ ├── overlay
│ │ ├── crd.yaml
│ │ └── kustomization.yaml
│ └── patches
│ │ ├── cainjection_in_operator_vlogs.yaml
│ │ ├── cainjection_in_operator_vmagents.yaml
│ │ ├── cainjection_in_operator_vmalertmanagerconfigs.yaml
│ │ ├── cainjection_in_operator_vmalertmanagers.yaml
│ │ ├── cainjection_in_operator_vmalerts.yaml
│ │ ├── cainjection_in_operator_vmauths.yaml
│ │ ├── cainjection_in_operator_vmclusters.yaml
│ │ ├── cainjection_in_operator_vmrules.yaml
│ │ ├── cainjection_in_operator_vmsingles.yaml
│ │ ├── cainjection_in_operator_vmusers.yaml
│ │ ├── operator.victoriametrics.com_vlclusters.yaml
│ │ ├── operator.victoriametrics.com_vlogs.yaml
│ │ ├── operator.victoriametrics.com_vlsingles.yaml
│ │ ├── operator.victoriametrics.com_vmagents.yaml
│ │ ├── operator.victoriametrics.com_vmalertmanagerconfigs.yaml
│ │ ├── operator.victoriametrics.com_vmalertmanagers.yaml
│ │ ├── operator.victoriametrics.com_vmalerts.yaml
│ │ ├── operator.victoriametrics.com_vmauths.yaml
│ │ ├── operator.victoriametrics.com_vmclusters.yaml
│ │ ├── operator.victoriametrics.com_vmsingles.yaml
│ │ ├── webhook_in_operator_vlogs.yaml
│ │ ├── webhook_in_operator_vmagents.yaml
│ │ ├── webhook_in_operator_vmalertmanagerconfigs.yaml
│ │ ├── webhook_in_operator_vmalertmanagers.yaml
│ │ ├── webhook_in_operator_vmalerts.yaml
│ │ ├── webhook_in_operator_vmauths.yaml
│ │ ├── webhook_in_operator_vmclusters.yaml
│ │ ├── webhook_in_operator_vmrules.yaml
│ │ ├── webhook_in_operator_vmsingles.yaml
│ │ └── webhook_in_operator_vmusers.yaml
├── default-with-webhook
│ ├── kustomization.yaml
│ ├── manager_metrics_patch.yaml
│ ├── manager_webhook_patch.yaml
│ └── webhookcainjection_patch.yaml
├── default
│ ├── kustomization.yaml
│ ├── manager_metrics_patch.yaml
│ └── metrics_service.yaml
├── examples
│ ├── kustomization.yaml
│ ├── operator_rbac_for_single_namespace.yaml
│ ├── vlcluster.yaml
│ ├── vlogs.yaml
│ ├── vlsingle.yaml
│ ├── vmagent-full.yaml
│ ├── vmagent-stream-aggr.yaml
│ ├── vmagent.yaml
│ ├── vmagent_daemonset.yaml
│ ├── vmagent_ingest_only.yaml
│ ├── vmagent_istio.yaml
│ ├── vmagent_rbac.yaml
│ ├── vmagent_reloadauth.yaml
│ ├── vmagent_shard_vmauth_routing.yaml
│ ├── vmagent_stateful_with_sharding.yaml
│ ├── vmagent_tls.yaml
│ ├── vmalert-full.yaml
│ ├── vmalert.yaml
│ ├── vmalertmanager.yaml
│ ├── vmalertmanager_config-full.yaml
│ ├── vmalertmanager_config.yaml
│ ├── vmalertmanager_web_tls.yaml
│ ├── vmalertmanager_with_mtls.yaml
│ ├── vmauth.yaml
│ ├── vmauth_cert_manager.yaml
│ ├── vmauth_unmanaged.yaml
│ ├── vmauth_with_unauthorized_access.yaml
│ ├── vmcluster.yaml
│ ├── vmcluster_loadbalancer.yaml
│ ├── vmcluster_storage_class_unexpandable.yaml
│ ├── vmcluster_with_additional_claim.yaml
│ ├── vmcluster_with_backuper.yaml
│ ├── vmcluster_with_service_override.yaml
│ ├── vmnodescrape.yaml
│ ├── vmpodscrape-full.yaml
│ ├── vmpodscrape.yaml
│ ├── vmpodscrape_sd.yaml
│ ├── vmprobe.yaml
│ ├── vmrule.yaml
│ ├── vmscrapeconfig.yaml
│ ├── vmservicescrape-full.yaml
│ ├── vmservicescrape-metrics-server.yml
│ ├── vmservicescrape.yaml
│ ├── vmservicescrape_oauth2_tls.yaml
│ ├── vmservicescrape_service_sd.yaml
│ ├── vmsingle-stream-aggr.yaml
│ ├── vmsingle.yaml
│ ├── vmsingle_with_backuper.yaml
│ ├── vmsingle_with_pvc.yaml
│ ├── vmstaticscrape.yaml
│ ├── vmuser_cluster_ref.yaml
│ ├── vmuser_cluster_tenant.yaml
│ ├── vmuser_with_ip_filters.yaml
│ └── vmusers.yaml
├── kind
│ └── kustomization.yaml
├── manager
│ ├── kustomization.yaml
│ └── manager.yaml
├── manifests
│ ├── bases
│ │ └── victoriametrics-operator.clusterserviceversion.yaml
│ ├── ci.yaml
│ ├── kustomization.yaml
│ ├── release-config.yaml
│ └── scorecard.yaml
├── network-policy
│ ├── allow-metrics-traffic.yaml
│ ├── allow-webhook-traffic.yaml
│ └── kustomization.yaml
├── olm
│ ├── kind.yaml
│ ├── kustomization.yaml
│ └── olm.yaml
├── rbac
│ ├── kustomization.yaml
│ ├── leader_election_role.yaml
│ ├── leader_election_role_binding.yaml
│ ├── operator_vlcluster_editor_role.yaml
│ ├── operator_vlcluster_viewer_role.yaml
│ ├── operator_vlogs_editor_role.yaml
│ ├── operator_vlogs_viewer_role.yaml
│ ├── operator_vlsingle_editor_role.yaml
│ ├── operator_vlsingle_viewer_role.yaml
│ ├── operator_vmagent_editor_role.yaml
│ ├── operator_vmagent_viewer_role.yaml
│ ├── operator_vmalert_editor_role.yaml
│ ├── operator_vmalert_viewer_role.yaml
│ ├── operator_vmalertmanager_editor_role.yaml
│ ├── operator_vmalertmanager_viewer_role.yaml
│ ├── operator_vmalertmanagerconfig_editor_role.yaml
│ ├── operator_vmalertmanagerconfig_viewer_role.yaml
│ ├── operator_vmauth_editor_role.yaml
│ ├── operator_vmauth_viewer_role.yaml
│ ├── operator_vmcluster_editor_role.yaml
│ ├── operator_vmcluster_viewer_role.yaml
│ ├── operator_vmnodescrape_editor_role.yaml
│ ├── operator_vmnodescrape_viewer_role.yaml
│ ├── operator_vmpodscrape_editor_role.yaml
│ ├── operator_vmpodscrape_viewer_role.yaml
│ ├── operator_vmprobe_editor_role.yaml
│ ├── operator_vmprobe_viewer_role.yaml
│ ├── operator_vmrule_editor_role.yaml
│ ├── operator_vmrule_viewer_role.yaml
│ ├── operator_vmscrapeconfig_editor_role.yaml
│ ├── operator_vmscrapeconfig_viewer_role.yaml
│ ├── operator_vmservicescrape_editor_role.yaml
│ ├── operator_vmservicescrape_viewer_role.yaml
│ ├── operator_vmsingle_editor_role.yaml
│ ├── operator_vmsingle_viewer_role.yaml
│ ├── operator_vmstaticscrape_editor_role.yaml
│ ├── operator_vmstaticscrape_viewer_role.yaml
│ ├── operator_vmuser_editor_role.yaml
│ ├── operator_vmuser_viewer_role.yaml
│ ├── role.yaml
│ ├── role_binding.yaml
│ └── service_account.yaml
├── samples
│ ├── kustomization.yaml
│ ├── operator_v1_vlcluster.yaml
│ ├── operator_v1_vlsingle.yaml
│ ├── operator_v1beta1_vlogs.yaml
│ ├── operator_v1beta1_vmagent.yaml
│ ├── operator_v1beta1_vmalert.yaml
│ ├── operator_v1beta1_vmalertmanager.yaml
│ ├── operator_v1beta1_vmalertmanagerconfig.yaml
│ ├── operator_v1beta1_vmauth.yaml
│ ├── operator_v1beta1_vmcluster.yaml
│ ├── operator_v1beta1_vmnodescrape.yaml
│ ├── operator_v1beta1_vmpodscrape.yaml
│ ├── operator_v1beta1_vmprobe.yaml
│ ├── operator_v1beta1_vmrule.yaml
│ ├── operator_v1beta1_vmscrapeconfig.yaml
│ ├── operator_v1beta1_vmservicescrape.yaml
│ ├── operator_v1beta1_vmsingle.yaml
│ ├── operator_v1beta1_vmstaticscrape.yaml
│ └── operator_v1beta1_vmuser.yaml
└── webhook
│ ├── kustomization.yaml
│ ├── kustomizeconfig.yaml
│ ├── manifests.yaml
│ └── service.yaml
├── docs
├── CHANGELOG.md
├── FAQ.md
├── Makefile
├── README.md
├── README_operator-workflow.excalidraw
├── README_operator-workflow.webp
├── _index.md
├── api.md
├── auth.md
├── config.yaml
├── configuration.md
├── enterprise.md
├── env.md
├── flags.md
├── high-availability.md
├── integrations
│ ├── _index.md
│ ├── grafana.md
│ ├── istio.md
│ └── prometheus.md
├── logo.webp
├── logo_white.webp
├── migration.md
├── migration_prometheus-conversion.excalidraw
├── migration_prometheus-conversion.webp
├── monitoring.md
├── monitoring_operator-dashboard.webp
├── quick-start.md
├── release-guide.md
├── resources
│ ├── README.md
│ ├── README_cr-relations.excalidraw
│ ├── README_cr-relations.webp
│ ├── _index.md
│ ├── vlcluster.md
│ ├── vlsingle.md
│ ├── vmagent.md
│ ├── vmalert.md
│ ├── vmalertmanager.md
│ ├── vmalertmanagerconfig.md
│ ├── vmauth.md
│ ├── vmcluster.md
│ ├── vmcluster_balancer.excalidraw
│ ├── vmcluster_default_balancer.webp
│ ├── vmcluster_with_balancer.webp
│ ├── vmnodescrape.md
│ ├── vmpodscrape.md
│ ├── vmprobe.md
│ ├── vmrule.md
│ ├── vmscrapeconfig.md
│ ├── vmservicescrape.md
│ ├── vmsingle.md
│ ├── vmstaticscrape.md
│ └── vmuser.md
├── security.md
├── setup.md
├── templates
│ └── api
│ │ ├── details.tpl
│ │ ├── list.tpl
│ │ ├── members.tpl
│ │ └── type.tpl
└── vars.md
├── go.mod
├── go.sum
├── hack
├── boilerplate.go.txt
└── crd
│ └── prometheus
│ └── crd.yaml
├── internal
├── .DS_Store
├── config
│ ├── config.go
│ └── print.go
├── controller
│ └── operator
│ │ ├── controllers.go
│ │ ├── controllers_test.go
│ │ ├── converter
│ │ ├── apis.go
│ │ ├── apis_test.go
│ │ └── v1alpha1
│ │ │ ├── apis.go
│ │ │ └── apis_test.go
│ │ ├── factory
│ │ ├── alertmanager
│ │ │ ├── alertmanager.go
│ │ │ ├── alertmanager_test.go
│ │ │ ├── config.go
│ │ │ ├── config_test.go
│ │ │ ├── rbac.go
│ │ │ └── statefulset.go
│ │ ├── build
│ │ │ ├── backup.go
│ │ │ ├── build.go
│ │ │ ├── common.go
│ │ │ ├── container.go
│ │ │ ├── container_test.go
│ │ │ ├── daemonset.go
│ │ │ ├── defaults.go
│ │ │ ├── deployment.go
│ │ │ ├── hpa.go
│ │ │ ├── hpa_test.go
│ │ │ ├── pdb.go
│ │ │ ├── pdb_test.go
│ │ │ ├── security.go
│ │ │ ├── security_test.go
│ │ │ ├── service.go
│ │ │ ├── service_account.go
│ │ │ ├── service_account_test.go
│ │ │ ├── service_test.go
│ │ │ ├── statefulset.go
│ │ │ ├── vmservicescrape.go
│ │ │ └── vmservicescrape_test.go
│ │ ├── finalize
│ │ │ ├── common.go
│ │ │ ├── orphaned.go
│ │ │ ├── orphaned_test.go
│ │ │ ├── vlcluster.go
│ │ │ ├── vlogs.go
│ │ │ ├── vlsingle.go
│ │ │ ├── vmagent.go
│ │ │ ├── vmalert.go
│ │ │ ├── vmalertmanager.go
│ │ │ ├── vmauth.go
│ │ │ ├── vmcluster.go
│ │ │ ├── vmsingle.go
│ │ │ └── vmuser.go
│ │ ├── k8stools
│ │ │ ├── client_utils.go
│ │ │ ├── placeholders.go
│ │ │ ├── placeholders_test.go
│ │ │ ├── secret_content.go
│ │ │ ├── secret_content_test.go
│ │ │ ├── selectors.go
│ │ │ ├── test_helpers.go
│ │ │ ├── version.go
│ │ │ └── version_test.go
│ │ ├── limiter
│ │ │ └── limiter.go
│ │ ├── logger
│ │ │ └── logger.go
│ │ ├── reconcile
│ │ │ ├── configmap.go
│ │ │ ├── daemonset.go
│ │ │ ├── deploy.go
│ │ │ ├── deploy_test.go
│ │ │ ├── diff.go
│ │ │ ├── diff_test.go
│ │ │ ├── hpa.go
│ │ │ ├── pdb.go
│ │ │ ├── pvc.go
│ │ │ ├── rbac.go
│ │ │ ├── reconcile.go
│ │ │ ├── secret.go
│ │ │ ├── service.go
│ │ │ ├── service_account.go
│ │ │ ├── service_test.go
│ │ │ ├── statefulset.go
│ │ │ ├── statefulset_pvc_expand.go
│ │ │ ├── statefulset_pvc_expand_test.go
│ │ │ ├── statefulset_test.go
│ │ │ ├── status.go
│ │ │ └── vmservicescrape.go
│ │ ├── vlcluster
│ │ │ ├── helpers.go
│ │ │ ├── vlcluster.go
│ │ │ ├── vlcluster_test.go
│ │ │ ├── vlinsert.go
│ │ │ ├── vlinsert_test.go
│ │ │ ├── vlselect.go
│ │ │ ├── vlstorage.go
│ │ │ └── vmauth_lb.go
│ │ ├── vlsingle
│ │ │ ├── vlogs.go
│ │ │ ├── vlogs_test.go
│ │ │ ├── vlsingle.go
│ │ │ └── vlsingle_test.go
│ │ ├── vmagent
│ │ │ ├── collect_scrapes.go
│ │ │ ├── collect_scrapes_test.go
│ │ │ ├── nodescrape.go
│ │ │ ├── nodescrape_test.go
│ │ │ ├── podscrape.go
│ │ │ ├── podscrape_test.go
│ │ │ ├── probe.go
│ │ │ ├── probe_test.go
│ │ │ ├── rbac.go
│ │ │ ├── rbac_test.go
│ │ │ ├── scrapeconfig.go
│ │ │ ├── scrapeconfig_test.go
│ │ │ ├── servicescrape.go
│ │ │ ├── servicescrape_test.go
│ │ │ ├── staticscrape.go
│ │ │ ├── staticscrape_test.go
│ │ │ ├── vmagent.go
│ │ │ ├── vmagent_scrapeconfig.go
│ │ │ ├── vmagent_scrapeconfig_test.go
│ │ │ └── vmagent_test.go
│ │ ├── vmalert
│ │ │ ├── rules.go
│ │ │ ├── rules_test.go
│ │ │ ├── vmalert.go
│ │ │ └── vmalert_test.go
│ │ ├── vmauth
│ │ │ ├── rbac.go
│ │ │ ├── vmauth.go
│ │ │ ├── vmauth_test.go
│ │ │ ├── vmusers_config.go
│ │ │ └── vmusers_config_test.go
│ │ ├── vmcluster
│ │ │ ├── vmcluster.go
│ │ │ └── vmcluster_test.go
│ │ └── vmsingle
│ │ │ ├── vmsingle.go
│ │ │ └── vmsingle_test.go
│ │ ├── objects_stat.go
│ │ ├── suite_test.go
│ │ ├── vlcluster_controller.go
│ │ ├── vlcluster_controller_test.go
│ │ ├── vlogs_controller.go
│ │ ├── vlogs_controller_test.go
│ │ ├── vlsingle_controller.go
│ │ ├── vlsingle_controller_test.go
│ │ ├── vmagent_controller.go
│ │ ├── vmagent_controller_test.go
│ │ ├── vmalert_controller.go
│ │ ├── vmalert_controller_test.go
│ │ ├── vmalertmanager_controller.go
│ │ ├── vmalertmanager_controller_test.go
│ │ ├── vmalertmanagerconfig_controller.go
│ │ ├── vmalertmanagerconfig_controller_test.go
│ │ ├── vmauth_controller.go
│ │ ├── vmauth_controller_test.go
│ │ ├── vmcluster_controller.go
│ │ ├── vmcluster_controller_test.go
│ │ ├── vmnodescrape_controller.go
│ │ ├── vmnodescrape_controller_test.go
│ │ ├── vmpodscrape_controller.go
│ │ ├── vmpodscrape_controller_test.go
│ │ ├── vmprobe_controller.go
│ │ ├── vmprobe_controller_test.go
│ │ ├── vmprometheusconverter_controller.go
│ │ ├── vmprometheusconverter_controller_test.go
│ │ ├── vmrule_controller.go
│ │ ├── vmrule_controller_test.go
│ │ ├── vmscrapeconfig_controller.go
│ │ ├── vmscrapeconfig_controller_test.go
│ │ ├── vmservicescrape_controller.go
│ │ ├── vmservicescrape_controller_test.go
│ │ ├── vmsingle_controller.go
│ │ ├── vmsingle_controller_test.go
│ │ ├── vmstaticscrape_controller.go
│ │ ├── vmstaticscrape_controller_test.go
│ │ ├── vmuser_controller.go
│ │ └── vmuser_controller_test.go
├── manager
│ └── manager.go
└── webhook
│ └── operator
│ ├── v1
│ ├── vlcluster_webhook.go
│ └── vlsingle_webhook.go
│ └── v1beta1
│ ├── vlogs_webhook.go
│ ├── vmagent_webhook.go
│ ├── vmalert_webhook.go
│ ├── vmalertmanager_webhook.go
│ ├── vmalertmanagerconfig_webhook.go
│ ├── vmauth_webhook.go
│ ├── vmcluster_webhook.go
│ ├── vmnodescrape_webhook.go
│ ├── vmpodscrape_webhook.go
│ ├── vmprobe_webhook.go
│ ├── vmrule_webhook.go
│ ├── vmscrapeconfig_webhook.go
│ ├── vmservicescrape_webhook.go
│ ├── vmsingle_webhook.go
│ ├── vmstaticscrape_webhook.go
│ └── vmuser_webhook.go
└── test
├── e2e
├── childobjects
│ ├── suite_test.go
│ ├── vmalertmanagerconfig_test.go
│ ├── vmrule_test.go
│ ├── vmscrapes_test.go
│ └── vmuser_test.go
├── deploy
│ └── deploy_test.go
├── e2e_test.go
├── prometheus_converter_test.go
├── suite
│ ├── suite.go
│ └── utils.go
├── utils_test.go
├── vlcluster_test.go
├── vlsingle_test.go
├── vmagent_test.go
├── vmalert_test.go
├── vmalertmanager_test.go
├── vmauth_test.go
├── vmcluster_test.go
├── vmsingle_test.go
└── watchnamespace
│ ├── controllers_test.go
│ ├── prometheus_converter_test.go
│ ├── suite_test.go
│ └── utils_test.go
└── utils
└── utils.go
/.dockerignore:
--------------------------------------------------------------------------------
1 | # Temporary Build Files
2 | build/_output
3 | build/_test
4 | # Created by https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
5 | ### Emacs ###
6 | # -*- mode: gitignore; -*-
7 | *~
8 | \#*\#
9 | /.emacs.desktop
10 | /.emacs.desktop.lock
11 | *.elc
12 | auto-save-list
13 | tramp
14 | .\#*
15 | # Org-mode
16 | .org-id-locations
17 | *_archive
18 | # flymake-mode
19 | *_flymake.*
20 | # eshell files
21 | /eshell/history
22 | /eshell/lastdir
23 | # elpa packages
24 | /elpa/
25 | # reftex files
26 | *.rel
27 | # AUCTeX auto folder
28 | /auto/
29 | # cask packages
30 | .cask/
31 | dist/
32 | # Flycheck
33 | flycheck_*.el
34 | # server auth directory
35 | /server/
36 | # projectiles files
37 | .projectile
38 | projectile-bookmarks.eld
39 | # directory configuration
40 | .dir-locals.el
41 | # saveplace
42 | places
43 | # url cache
44 | url/cache/
45 | # cedet
46 | ede-projects.el
47 | # smex
48 | smex-items
49 | # company-statistics
50 | company-statistics-cache.el
51 | # anaconda-mode
52 | anaconda-mode/
53 | ### Go ###
54 | # Binaries for programs and plugins
55 | *.exe
56 | *.exe~
57 | *.dll
58 | *.so
59 | *.dylib
60 | # Test binary, build with 'go test -c'
61 | *.test
62 | # Output of the go coverage tool, specifically when used with LiteIDE
63 | *.out
64 | ### Vim ###
65 | # swap
66 | .sw[a-p]
67 | .*.sw[a-p]
68 | # session
69 | Session.vim
70 | # temporary
71 | .netrwhist
72 | # auto-generated tag files
73 | tags
74 | ### VisualStudioCode ###
75 | .vscode/*
76 | .history
77 | # End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
78 |
--------------------------------------------------------------------------------
/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @f41gh7 @Haleygo @AndrewChubatiuk
2 |
--------------------------------------------------------------------------------
/.github/workflows/close-pr.yaml:
--------------------------------------------------------------------------------
1 | name: Close PR
2 |
3 | on:
4 | workflow_dispatch:
5 | inputs:
6 | repo:
7 | description: Repo slug where PR should be closed
8 | required: true
9 | type: choice
10 | options:
11 | - k8s-operatorhub/community-operators
12 | - redhat-openshift-ecosystem/community-operators-prod
13 | prNumber:
14 | description: PR number to close
15 | required: true
16 | type: string
17 |
18 | jobs:
19 | update:
20 | name: Close PR
21 | runs-on: ubuntu-latest
22 | steps:
23 | - name: Close PR
24 | run: |
25 | gh pr close https://github.com/${{ github.event.inputs.repo }}/pull/${{ github.event.inputs.prNumber }}
26 | env:
27 | GH_TOKEN: ${{ secrets.VM_BOT_GH_TOKEN }}
28 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Temporary Build Files
2 | .DS_Store
3 | Dockerfile.cross
4 | .idea
5 | /bin/
6 | /build*
7 | /bundle*
8 | release
9 | operator.zip
10 | coverage.txt
11 | # Created by https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
12 | ### Emacs ###
13 | # -*- mode: gitignore; -*-
14 | *~
15 | \#*\#
16 | /.emacs.desktop
17 | /.emacs.desktop.lock
18 | *.elc
19 | auto-save-list
20 | tramp
21 | .\#*
22 | # Org-mode
23 | .org-id-locations
24 | *_archive
25 | # flymake-mode
26 | *_flymake.*
27 | # eshell files
28 | /eshell/history
29 | /eshell/lastdir
30 | # elpa packages
31 | /elpa/
32 | # reftex files
33 | *.rel
34 | # AUCTeX auto folder
35 | /auto/
36 | # cask packages
37 | .cask/
38 | dist/
39 | # Flycheck
40 | flycheck_*.el
41 | # server auth directory
42 | /server/
43 | # projectiles files
44 | .projectile
45 | projectile-bookmarks.eld
46 | # directory configuration
47 | .dir-locals.el
48 | # saveplace
49 | places
50 | # url cache
51 | url/cache/
52 | # cedet
53 | ede-projects.el
54 | # smex
55 | smex-items
56 | # company-statistics
57 | company-statistics-cache.el
58 | # anaconda-mode
59 | anaconda-mode/
60 | ### Go ###
61 | # Binaries for programs and plugins
62 | *.exe
63 | *.exe~
64 | *.dll
65 | *.so
66 | *.dylib
67 | # Test binary, build with 'go test -c'
68 | *.test
69 | # Output of the go coverage tool, specifically when used with LiteIDE
70 | *.out
71 | ### Vim ###
72 | # swap
73 | .sw[a-p]
74 | .*.sw[a-p]
75 | # session
76 | Session.vim
77 | # temporary
78 | .netrwhist
79 | # auto-generated tag files
80 | tags
81 | ### VisualStudioCode ###
82 | .vscode/*
83 | .history
84 | vendor
85 | vmdocs/
86 | config/crd/bases/*
87 | # End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
88 |
--------------------------------------------------------------------------------
/.golangci.yml:
--------------------------------------------------------------------------------
1 | version: "2"
2 | run:
3 | allow-parallel-runners: true
4 | linters:
5 | default: none
6 | enable:
7 | - copyloopvar
8 | - dupl
9 | - ginkgolinter
10 | - govet
11 | - ineffassign
12 | - lll
13 | - misspell
14 | - staticcheck
15 | - unconvert
16 | - unparam
17 | - unused
18 | exclusions:
19 | generated: lax
20 | rules:
21 | - linters:
22 | - lll
23 | path: api/*
24 | - linters:
25 | - dupl
26 | - lll
27 | path: internal/*
28 | paths:
29 | - third_party$
30 | - builtin$
31 | - examples$
32 | formatters:
33 | enable:
34 | - gofmt
35 | - goimports
36 | exclusions:
37 | generated: lax
38 | paths:
39 | - third_party$
40 | - builtin$
41 | - examples$
42 |
--------------------------------------------------------------------------------
/.trivyignore:
--------------------------------------------------------------------------------
1 | # k8s - no impact, new lib version is used
2 | CVE-2021-25735
3 | CVE-2021-25735
4 | CVE-2020-8565
5 | CVE-2020-8559
6 | CVE-2020-8557
7 | CVE-2020-8555
8 | CVE-2020-8554
9 | CVE-2020-8552
10 | CVE-2019-11250
11 | CVE-2019-1002101
12 | CVE-2020-8563
13 | CVE-2020-8564
14 |
15 | # has no impact
16 | CVE-2020-8558
17 | CVE-2021-41103
18 | CVE-2020-35381
19 | CVE-2020-10675
20 | CVE-2020-13949
21 | CVE-2020-26160
22 | CVE-2019-3826
23 | GO-2020-0001
24 | GO-2020-0020
25 | CVE-2022-24450
26 |
27 | # gin not used as web server
28 | CVE-2020-28483
29 |
30 | # mongodb has no impact
31 | CVE-2021-20329
32 |
33 | # containerd has no impact
34 | CVE-2020-15257
35 | CVE-2021-21334
36 | CVE-2021-32760
37 |
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 |
2 | ## Required programs
3 |
4 | for developing you need:
5 |
6 | - kubebuilder v4
7 | - golang 1.23+
8 | - docker
9 | - kubectl
10 |
11 | ## installing local env
12 |
13 | ```bash
14 | # make install-tools
15 | ```
16 |
17 | ## local build and run
18 |
19 | Use `make build` - it will generate new crds and build binary
20 |
21 | for running locally on kind you need to run:
22 |
23 | ```bash
24 | make deploy-kind
25 | ```
26 |
27 | or you can run it from IDE with ```main.go```
28 |
29 | ## publish changes
30 |
31 | before creating merge request, ensure that tests passed locally:
32 |
33 | ```bash
34 | make build # it will update crds
35 | make lint # linting project
36 | make test #unit tests
37 | make test-e2e #e2e tests with minikube
38 | ```
39 |
40 | ## adding new api
41 |
42 | For adding new kind - `KIND_NAME`, you have to execute command:
43 |
44 | ```bash
45 | kubebuilder create api --group operator --version v1beta1 --kind KIND_NAME
46 | ```
47 |
48 | For adding new webhook for a `KIND_NAME`, you have to execute command:
49 |
50 | ```bash
51 | kubebuilder create webhook --group operator --version v1beta1 --kind KIND_NAME --conversion --programmatic-validation
52 | ```
53 |
54 | This will scaffold api and controller. Then you have to edit code at `api/operator/v1beta1` and `internal/controller/operator` folder.
55 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG ROOT
2 | ARG BUILDINFO
3 |
4 | # Build the manager binary
5 | FROM golang:1.24.3 AS builder
6 | ARG TARGETOS
7 | ARG TARGETARCH
8 |
9 | WORKDIR /workspace
10 | # Copy the Go Modules manifests
11 | COPY go.* .
12 | COPY api/go.* api/
13 | # cache deps before building and copying source so that we don't need to re-download as much
14 | # and so that source changes don't invalidate our downloaded layer
15 | RUN \
16 | --mount=type=cache,target=/go/pkg/mod \
17 | --mount=type=cache,target=/root/.cache/go-build \
18 | go mod download
19 |
20 | # Copy the go source
21 | COPY cmd/ cmd/
22 | COPY api/ api/
23 | COPY internal/ internal/
24 | ARG ROOT
25 | ARG BUILDINFO
26 | ARG FIPS_VERSION
27 | ARG GODEBUG_ARGS
28 | # Build
29 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
30 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
31 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
32 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
33 | ENV GOCACHE=/root/.cache/go-build
34 | RUN --mount=type=cache,target="/root/.cache/go-build"
35 | RUN \
36 | --mount=type=cache,target=/root/.cache \
37 | --mount=type=cache,target=/go/pkg/mod \
38 | CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} GODEBUG=${GODEBUG_ARGS} GOFIPS140=${FIPS_VERSION} go build -a \
39 | -ldflags="-X 'github.com/VictoriaMetrics/VictoriaMetrics/lib/buildinfo.Version=operator-${BUILDINFO}'" \
40 | -o app ${ROOT}/
41 |
42 | # Use scratch as minimal base image to package the manager binary
43 | FROM scratch
44 | WORKDIR /
45 | COPY --from=builder /workspace/app .
46 | USER 65532:65532
47 |
48 | ENTRYPOINT ["/app"]
49 |
--------------------------------------------------------------------------------
/api/client/informers/externalversions/internalinterfaces/factory_interfaces.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen-v0.32. DO NOT EDIT.
17 |
18 | package internalinterfaces
19 |
20 | import (
21 | time "time"
22 |
23 | versioned "github.com/VictoriaMetrics/operator/api/client/versioned"
24 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
25 | runtime "k8s.io/apimachinery/pkg/runtime"
26 | cache "k8s.io/client-go/tools/cache"
27 | )
28 |
29 | // NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer.
30 | type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer
31 |
32 | // SharedInformerFactory a small interface to allow for adding an informer without an import cycle
33 | type SharedInformerFactory interface {
34 | Start(stopCh <-chan struct{})
35 | InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer
36 | }
37 |
38 | // TweakListOptionsFunc is a function that transforms a v1.ListOptions.
39 | type TweakListOptionsFunc func(*v1.ListOptions)
40 |
--------------------------------------------------------------------------------
/api/client/listers/operator/v1/expansion_generated.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by lister-gen-v0.32. DO NOT EDIT.
17 |
18 | package v1
19 |
20 | // VLClusterListerExpansion allows custom methods to be added to
21 | // VLClusterLister.
22 | type VLClusterListerExpansion interface{}
23 |
24 | // VLClusterNamespaceListerExpansion allows custom methods to be added to
25 | // VLClusterNamespaceLister.
26 | type VLClusterNamespaceListerExpansion interface{}
27 |
28 | // VLSingleListerExpansion allows custom methods to be added to
29 | // VLSingleLister.
30 | type VLSingleListerExpansion interface{}
31 |
32 | // VLSingleNamespaceListerExpansion allows custom methods to be added to
33 | // VLSingleNamespaceLister.
34 | type VLSingleNamespaceListerExpansion interface{}
35 |
--------------------------------------------------------------------------------
/api/client/versioned/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | // This package has the automatically generated fake clientset.
19 | package fake
20 |
--------------------------------------------------------------------------------
/api/client/versioned/scheme/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | // This package contains the scheme of the automatically generated clientset.
19 | package scheme
20 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | // This package has the automatically generated typed clients.
19 | package v1
20 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | // Package fake has the automatically generated clients.
19 | package fake
20 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1/fake/fake_operator_client.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | v1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1"
22 | rest "k8s.io/client-go/rest"
23 | testing "k8s.io/client-go/testing"
24 | )
25 |
26 | type FakeOperatorV1 struct {
27 | *testing.Fake
28 | }
29 |
30 | func (c *FakeOperatorV1) VLClusters(namespace string) v1.VLClusterInterface {
31 | return newFakeVLClusters(c, namespace)
32 | }
33 |
34 | func (c *FakeOperatorV1) VLSingles(namespace string) v1.VLSingleInterface {
35 | return newFakeVLSingles(c, namespace)
36 | }
37 |
38 | // RESTClient returns a RESTClient that is used to communicate
39 | // with API server by this client implementation.
40 | func (c *FakeOperatorV1) RESTClient() rest.Interface {
41 | var ret *rest.RESTClient
42 | return ret
43 | }
44 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1/fake/fake_vlcluster.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1"
22 | v1 "github.com/VictoriaMetrics/operator/api/operator/v1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVLClusters implements VLClusterInterface
27 | type fakeVLClusters struct {
28 | *gentype.FakeClientWithList[*v1.VLCluster, *v1.VLClusterList]
29 | Fake *FakeOperatorV1
30 | }
31 |
32 | func newFakeVLClusters(fake *FakeOperatorV1, namespace string) operatorv1.VLClusterInterface {
33 | return &fakeVLClusters{
34 | gentype.NewFakeClientWithList[*v1.VLCluster, *v1.VLClusterList](
35 | fake.Fake,
36 | namespace,
37 | v1.SchemeGroupVersion.WithResource("vlclusters"),
38 | v1.SchemeGroupVersion.WithKind("VLCluster"),
39 | func() *v1.VLCluster { return &v1.VLCluster{} },
40 | func() *v1.VLClusterList { return &v1.VLClusterList{} },
41 | func(dst, src *v1.VLClusterList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1.VLClusterList) []*v1.VLCluster { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1.VLClusterList, items []*v1.VLCluster) { list.Items = gentype.FromPointerSlice(items) },
44 | ),
45 | fake,
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1/fake/fake_vlsingle.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1"
22 | v1 "github.com/VictoriaMetrics/operator/api/operator/v1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVLSingles implements VLSingleInterface
27 | type fakeVLSingles struct {
28 | *gentype.FakeClientWithList[*v1.VLSingle, *v1.VLSingleList]
29 | Fake *FakeOperatorV1
30 | }
31 |
32 | func newFakeVLSingles(fake *FakeOperatorV1, namespace string) operatorv1.VLSingleInterface {
33 | return &fakeVLSingles{
34 | gentype.NewFakeClientWithList[*v1.VLSingle, *v1.VLSingleList](
35 | fake.Fake,
36 | namespace,
37 | v1.SchemeGroupVersion.WithResource("vlsingles"),
38 | v1.SchemeGroupVersion.WithKind("VLSingle"),
39 | func() *v1.VLSingle { return &v1.VLSingle{} },
40 | func() *v1.VLSingleList { return &v1.VLSingleList{} },
41 | func(dst, src *v1.VLSingleList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1.VLSingleList) []*v1.VLSingle { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1.VLSingleList, items []*v1.VLSingle) { list.Items = gentype.FromPointerSlice(items) },
44 | ),
45 | fake,
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package v1
19 |
20 | type VLClusterExpansion interface{}
21 |
22 | type VLSingleExpansion interface{}
23 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | // This package has the automatically generated typed clients.
19 | package v1beta1
20 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | // Package fake has the automatically generated clients.
19 | package fake
20 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vlogs.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVLogs implements VLogsInterface
27 | type fakeVLogs struct {
28 | *gentype.FakeClientWithList[*v1beta1.VLogs, *v1beta1.VLogsList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVLogs(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VLogsInterface {
33 | return &fakeVLogs{
34 | gentype.NewFakeClientWithList[*v1beta1.VLogs, *v1beta1.VLogsList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vlogs"),
38 | v1beta1.SchemeGroupVersion.WithKind("VLogs"),
39 | func() *v1beta1.VLogs { return &v1beta1.VLogs{} },
40 | func() *v1beta1.VLogsList { return &v1beta1.VLogsList{} },
41 | func(dst, src *v1beta1.VLogsList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VLogsList) []*v1beta1.VLogs { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VLogsList, items []*v1beta1.VLogs) { list.Items = gentype.FromPointerSlice(items) },
44 | ),
45 | fake,
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmagent.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMAgents implements VMAgentInterface
27 | type fakeVMAgents struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMAgent, *v1beta1.VMAgentList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMAgents(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMAgentInterface {
33 | return &fakeVMAgents{
34 | gentype.NewFakeClientWithList[*v1beta1.VMAgent, *v1beta1.VMAgentList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmagents"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMAgent"),
39 | func() *v1beta1.VMAgent { return &v1beta1.VMAgent{} },
40 | func() *v1beta1.VMAgentList { return &v1beta1.VMAgentList{} },
41 | func(dst, src *v1beta1.VMAgentList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMAgentList) []*v1beta1.VMAgent { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMAgentList, items []*v1beta1.VMAgent) {
44 | list.Items = gentype.FromPointerSlice(items)
45 | },
46 | ),
47 | fake,
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmalert.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMAlerts implements VMAlertInterface
27 | type fakeVMAlerts struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMAlert, *v1beta1.VMAlertList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMAlerts(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMAlertInterface {
33 | return &fakeVMAlerts{
34 | gentype.NewFakeClientWithList[*v1beta1.VMAlert, *v1beta1.VMAlertList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmalerts"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMAlert"),
39 | func() *v1beta1.VMAlert { return &v1beta1.VMAlert{} },
40 | func() *v1beta1.VMAlertList { return &v1beta1.VMAlertList{} },
41 | func(dst, src *v1beta1.VMAlertList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMAlertList) []*v1beta1.VMAlert { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMAlertList, items []*v1beta1.VMAlert) {
44 | list.Items = gentype.FromPointerSlice(items)
45 | },
46 | ),
47 | fake,
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmauth.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMAuths implements VMAuthInterface
27 | type fakeVMAuths struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMAuth, *v1beta1.VMAuthList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMAuths(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMAuthInterface {
33 | return &fakeVMAuths{
34 | gentype.NewFakeClientWithList[*v1beta1.VMAuth, *v1beta1.VMAuthList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmauths"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMAuth"),
39 | func() *v1beta1.VMAuth { return &v1beta1.VMAuth{} },
40 | func() *v1beta1.VMAuthList { return &v1beta1.VMAuthList{} },
41 | func(dst, src *v1beta1.VMAuthList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMAuthList) []*v1beta1.VMAuth { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMAuthList, items []*v1beta1.VMAuth) { list.Items = gentype.FromPointerSlice(items) },
44 | ),
45 | fake,
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmcluster.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMClusters implements VMClusterInterface
27 | type fakeVMClusters struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMCluster, *v1beta1.VMClusterList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMClusters(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMClusterInterface {
33 | return &fakeVMClusters{
34 | gentype.NewFakeClientWithList[*v1beta1.VMCluster, *v1beta1.VMClusterList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmclusters"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMCluster"),
39 | func() *v1beta1.VMCluster { return &v1beta1.VMCluster{} },
40 | func() *v1beta1.VMClusterList { return &v1beta1.VMClusterList{} },
41 | func(dst, src *v1beta1.VMClusterList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMClusterList) []*v1beta1.VMCluster { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMClusterList, items []*v1beta1.VMCluster) {
44 | list.Items = gentype.FromPointerSlice(items)
45 | },
46 | ),
47 | fake,
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmprobe.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMProbes implements VMProbeInterface
27 | type fakeVMProbes struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMProbe, *v1beta1.VMProbeList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMProbes(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMProbeInterface {
33 | return &fakeVMProbes{
34 | gentype.NewFakeClientWithList[*v1beta1.VMProbe, *v1beta1.VMProbeList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmprobes"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMProbe"),
39 | func() *v1beta1.VMProbe { return &v1beta1.VMProbe{} },
40 | func() *v1beta1.VMProbeList { return &v1beta1.VMProbeList{} },
41 | func(dst, src *v1beta1.VMProbeList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMProbeList) []*v1beta1.VMProbe { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMProbeList, items []*v1beta1.VMProbe) {
44 | list.Items = gentype.FromPointerSlice(items)
45 | },
46 | ),
47 | fake,
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmrule.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMRules implements VMRuleInterface
27 | type fakeVMRules struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMRule, *v1beta1.VMRuleList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMRules(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMRuleInterface {
33 | return &fakeVMRules{
34 | gentype.NewFakeClientWithList[*v1beta1.VMRule, *v1beta1.VMRuleList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmrules"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMRule"),
39 | func() *v1beta1.VMRule { return &v1beta1.VMRule{} },
40 | func() *v1beta1.VMRuleList { return &v1beta1.VMRuleList{} },
41 | func(dst, src *v1beta1.VMRuleList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMRuleList) []*v1beta1.VMRule { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMRuleList, items []*v1beta1.VMRule) { list.Items = gentype.FromPointerSlice(items) },
44 | ),
45 | fake,
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmsingle.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMSingles implements VMSingleInterface
27 | type fakeVMSingles struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMSingle, *v1beta1.VMSingleList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMSingles(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMSingleInterface {
33 | return &fakeVMSingles{
34 | gentype.NewFakeClientWithList[*v1beta1.VMSingle, *v1beta1.VMSingleList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmsingles"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMSingle"),
39 | func() *v1beta1.VMSingle { return &v1beta1.VMSingle{} },
40 | func() *v1beta1.VMSingleList { return &v1beta1.VMSingleList{} },
41 | func(dst, src *v1beta1.VMSingleList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMSingleList) []*v1beta1.VMSingle { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMSingleList, items []*v1beta1.VMSingle) {
44 | list.Items = gentype.FromPointerSlice(items)
45 | },
46 | ),
47 | fake,
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/fake/fake_vmuser.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | operatorv1beta1 "github.com/VictoriaMetrics/operator/api/client/versioned/typed/operator/v1beta1"
22 | v1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
23 | gentype "k8s.io/client-go/gentype"
24 | )
25 |
26 | // fakeVMUsers implements VMUserInterface
27 | type fakeVMUsers struct {
28 | *gentype.FakeClientWithList[*v1beta1.VMUser, *v1beta1.VMUserList]
29 | Fake *FakeOperatorV1beta1
30 | }
31 |
32 | func newFakeVMUsers(fake *FakeOperatorV1beta1, namespace string) operatorv1beta1.VMUserInterface {
33 | return &fakeVMUsers{
34 | gentype.NewFakeClientWithList[*v1beta1.VMUser, *v1beta1.VMUserList](
35 | fake.Fake,
36 | namespace,
37 | v1beta1.SchemeGroupVersion.WithResource("vmusers"),
38 | v1beta1.SchemeGroupVersion.WithKind("VMUser"),
39 | func() *v1beta1.VMUser { return &v1beta1.VMUser{} },
40 | func() *v1beta1.VMUserList { return &v1beta1.VMUserList{} },
41 | func(dst, src *v1beta1.VMUserList) { dst.ListMeta = src.ListMeta },
42 | func(list *v1beta1.VMUserList) []*v1beta1.VMUser { return gentype.ToPointerSlice(list.Items) },
43 | func(list *v1beta1.VMUserList, items []*v1beta1.VMUser) { list.Items = gentype.FromPointerSlice(items) },
44 | ),
45 | fake,
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/api/client/versioned/typed/operator/v1beta1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen-v0.32. DO NOT EDIT.
17 |
18 | package v1beta1
19 |
20 | type VLogsExpansion interface{}
21 |
22 | type VMAgentExpansion interface{}
23 |
24 | type VMAlertExpansion interface{}
25 |
26 | type VMAlertmanagerExpansion interface{}
27 |
28 | type VMAlertmanagerConfigExpansion interface{}
29 |
30 | type VMAuthExpansion interface{}
31 |
32 | type VMClusterExpansion interface{}
33 |
34 | type VMNodeScrapeExpansion interface{}
35 |
36 | type VMPodScrapeExpansion interface{}
37 |
38 | type VMProbeExpansion interface{}
39 |
40 | type VMRuleExpansion interface{}
41 |
42 | type VMScrapeConfigExpansion interface{}
43 |
44 | type VMServiceScrapeExpansion interface{}
45 |
46 | type VMSingleExpansion interface{}
47 |
48 | type VMStaticScrapeExpansion interface{}
49 |
50 | type VMUserExpansion interface{}
51 |
--------------------------------------------------------------------------------
/api/operator/v1/common.go:
--------------------------------------------------------------------------------
1 | package v1
2 |
3 | import (
4 | "fmt"
5 |
6 | corev1 "k8s.io/api/core/v1"
7 | )
8 |
9 | const (
10 | healthPath = "/health"
11 | metricPath = "/metrics"
12 | )
13 |
14 | func prefixedName(name, prefix string) string {
15 | return fmt.Sprintf("%s-%s", prefix, name)
16 | }
17 |
18 | // TLSServerConfig defines VictoriaMetrics TLS configuration for the application's server
19 | type TLSServerConfig struct {
20 | // CertSecretRef defines reference for secret with certificate content under given key
21 | // mutually exclusive with CertFile
22 | // +optional
23 | CertSecret *corev1.SecretKeySelector `json:"certSecret,omitempty"`
24 | // CertFile defines path to the pre-mounted file with certificate
25 | // mutually exclusive with CertSecretRef
26 | // +optional
27 | CertFile string `json:"certFile,omitempty"`
28 | // Key defines reference for secret with certificate key content under given key
29 | // mutually exclusive with KeyFile
30 | // +optional
31 | KeySecret *corev1.SecretKeySelector `json:"keySecret,omitempty"`
32 | // KeyFile defines path to the pre-mounted file with certificate key
33 | // mutually exclusive with KeySecretRef
34 | // +optional
35 | KeyFile string `json:"keyFile,omitempty"`
36 | }
37 |
--------------------------------------------------------------------------------
/api/operator/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the operator v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=operator.victoriametrics.com
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "operator.victoriametrics.com", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 |
37 | // SchemeGroupVersion is group version used to register these objects
38 | SchemeGroupVersion = schema.GroupVersion{Group: "operator.victoriametrics.com", Version: "v1"}
39 | )
40 |
41 | // Resource takes an unqualified resource and returns a Group qualified GroupResource
42 | func Resource(resource string) schema.GroupResource {
43 | return SchemeGroupVersion.WithResource(resource).GroupResource()
44 | }
45 |
--------------------------------------------------------------------------------
/api/operator/v1beta1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1beta1 contains API Schema definitions for the victoriametrics v1beta1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=operator.victoriametrics.com
20 | package v1beta1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "operator.victoriametrics.com", Version: "v1beta1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
38 | // Resource takes an unqualified resource and returns a Group qualified GroupResource
39 | func Resource(resource string) schema.GroupResource {
40 | return SchemeGroupVersion.WithResource(resource).GroupResource()
41 | }
42 |
--------------------------------------------------------------------------------
/api/operator/v1beta1/v1beta1_test.go:
--------------------------------------------------------------------------------
1 | package v1beta1
2 |
3 | import (
4 | "testing"
5 |
6 | . "github.com/onsi/ginkgo/v2"
7 | . "github.com/onsi/gomega"
8 | )
9 |
10 | func TestValidation(t *testing.T) {
11 | RegisterFailHandler(Fail)
12 | RunSpecs(t, "validation")
13 | }
14 |
--------------------------------------------------------------------------------
/api/operator/v1beta1/vmagent_types_test.go:
--------------------------------------------------------------------------------
1 | package v1beta1
2 |
3 | import (
4 | "testing"
5 | )
6 |
7 | func TestVMAgent_Validate(t *testing.T) {
8 |
9 | tests := []struct {
10 | name string
11 | spec VMAgentSpec
12 | wantErr bool
13 | }{
14 | {
15 | name: "wo remotewrite",
16 | spec: VMAgentSpec{},
17 | wantErr: true,
18 | },
19 | {
20 | name: "rw empty url",
21 | spec: VMAgentSpec{RemoteWrite: []VMAgentRemoteWriteSpec{
22 | {},
23 | }},
24 | wantErr: true,
25 | },
26 | {
27 | name: "bad inline cfg",
28 | spec: VMAgentSpec{
29 | RemoteWrite: []VMAgentRemoteWriteSpec{{URL: "http://some-rw"}},
30 | InlineScrapeConfig: "some; none yaml formatted string",
31 | },
32 | wantErr: true,
33 | },
34 | {
35 | name: "valid inline cfg",
36 | spec: VMAgentSpec{
37 | RemoteWrite: []VMAgentRemoteWriteSpec{{URL: "http://some-rw"}},
38 | InlineScrapeConfig: `key: value`,
39 | },
40 | },
41 | {
42 | name: "valid relabeling",
43 | spec: VMAgentSpec{
44 | RemoteWrite: []VMAgentRemoteWriteSpec{{URL: "http://some-rw"}},
45 | InlineRelabelConfig: []*RelabelConfig{
46 | {
47 | Action: "drop",
48 | SourceLabels: []string{"src_id"},
49 | },
50 | },
51 | },
52 | },
53 | {
54 | name: "relabeling with if array",
55 | spec: VMAgentSpec{
56 | RemoteWrite: []VMAgentRemoteWriteSpec{{URL: "http://some-rw"}},
57 | InlineRelabelConfig: []*RelabelConfig{
58 | {
59 | Action: "drop_metrics",
60 | If: []string{
61 | "{job=~\"aaa.*\"}",
62 | "{job=~\"bbb.*\"}",
63 | },
64 | },
65 | },
66 | },
67 | },
68 | }
69 | for _, tt := range tests {
70 | t.Run(tt.name, func(t *testing.T) {
71 | r := &VMAgent{
72 | Spec: tt.spec,
73 | }
74 | if err := r.Validate(); (err != nil) != tt.wantErr {
75 | t.Errorf("Validate() error = %v, wantErr %v", err, tt.wantErr)
76 | }
77 | })
78 | }
79 | }
80 |
--------------------------------------------------------------------------------
/api/operator/v1beta1/vmalert_types_test.go:
--------------------------------------------------------------------------------
1 | package v1beta1
2 |
3 | import (
4 | "testing"
5 | )
6 |
7 | func TestVMAlert_Validate(t *testing.T) {
8 | tests := []struct {
9 | name string
10 | spec VMAlertSpec
11 | wantErr bool
12 | }{
13 | {
14 | name: "wo datasource",
15 | spec: VMAlertSpec{
16 | Notifier: &VMAlertNotifierSpec{
17 | URL: "some-url",
18 | },
19 | },
20 | wantErr: true,
21 | },
22 | {
23 | name: "with notifier blackhole",
24 | spec: VMAlertSpec{
25 | Datasource: VMAlertDatasourceSpec{URL: "http://some-url"},
26 | CommonApplicationDeploymentParams: CommonApplicationDeploymentParams{
27 | ExtraArgs: map[string]string{"notifier.blackhole": "true"},
28 | },
29 | },
30 | wantErr: false,
31 | },
32 | {
33 | name: "wo notifier url",
34 | spec: VMAlertSpec{
35 | Datasource: VMAlertDatasourceSpec{URL: "some-url"},
36 | Notifier: &VMAlertNotifierSpec{},
37 | },
38 | wantErr: true,
39 | },
40 | }
41 | for _, tt := range tests {
42 | t.Run(tt.name, func(t *testing.T) {
43 | r := &VMAlert{
44 | Spec: tt.spec,
45 | }
46 | if err := r.Validate(); (err != nil) != tt.wantErr {
47 | t.Errorf("Validate() error = %v, wantErr %v", err, tt.wantErr)
48 | }
49 | })
50 | }
51 | }
52 |
--------------------------------------------------------------------------------
/api/operator/v1beta1/vmalertmanager_types_test.go:
--------------------------------------------------------------------------------
1 | package v1beta1
2 |
3 | import (
4 | . "github.com/onsi/ginkgo/v2"
5 | . "github.com/onsi/gomega"
6 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
7 | )
8 |
9 | var _ = Describe("VMAlertmanager Webhook", func() {
10 | var am *VMAlertmanager
11 | BeforeEach(func() {
12 | am = &VMAlertmanager{
13 | ObjectMeta: metav1.ObjectMeta{
14 | Name: "test-suite",
15 | Namespace: "test",
16 | },
17 | Spec: VMAlertmanagerSpec{},
18 | }
19 | })
20 | Context("When creating VMAlertmanager under Validating Webhook", func() {
21 | It("Should deny config file with bad syntax", func() {
22 | am.Spec.ConfigRawYaml = `
23 | global:
24 | resolve_timeout: 10m
25 | group_wait: 1s
26 | `
27 | Expect(am.Validate()).NotTo(Succeed())
28 | })
29 |
30 | It("Should allow with correct config syntax", func() {
31 | am.Spec.ConfigRawYaml = `
32 | global:
33 | resolve_timeout: 5m
34 | route:
35 | group_wait: 10s
36 | group_interval: 2m
37 | group_by: ["alertgroup", "resource_id"]
38 | repeat_interval: 12h
39 | receiver: 'blackhole'
40 | receivers:
41 | # by default route to dev/null
42 | - name: blackhole
43 | `
44 | Expect(am.Validate()).To(Succeed())
45 | })
46 | })
47 |
48 | Context("When creating VMAlertmanager under Conversion Webhook", func() {
49 | It("Should get the converted version of VMAlertmanager", func() {
50 | // TODO(user): Add your logic here
51 | })
52 | })
53 | })
54 |
--------------------------------------------------------------------------------
/api/operator/v1beta1/vmalertmanagerconfig_test.go:
--------------------------------------------------------------------------------
1 | package v1beta1
2 |
--------------------------------------------------------------------------------
/cmd/config-reloader/README.md:
--------------------------------------------------------------------------------
1 | ### Config-reloader
2 |
3 |
4 | It's alternative version of `prometheus-config-reloader`.
5 | The main difference is ability to read secret directly from kubernetes and write it to local file system.
6 | It should speed-up config reloading process and makes it more predictable.
--------------------------------------------------------------------------------
/cmd/main.go:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package main
18 |
19 | import (
20 | "context"
21 | "os"
22 |
23 | ctrl "sigs.k8s.io/controller-runtime"
24 | "sigs.k8s.io/controller-runtime/pkg/manager/signals"
25 |
26 | "github.com/VictoriaMetrics/operator/internal/manager"
27 | )
28 |
29 | var (
30 | setupLog = ctrl.Log.WithName("setup")
31 | )
32 |
33 | func main() {
34 | ctx, cancel := context.WithCancel(context.Background())
35 | stop := signals.SetupSignalHandler()
36 | go func() {
37 | <-stop.Done()
38 | cancel()
39 | }()
40 |
41 | err := manager.RunManager(ctx)
42 | if err != nil {
43 | setupLog.Error(err, "cannot setup manager")
44 | os.Exit(1)
45 | }
46 | setupLog.Info("stopped")
47 | }
48 |
--------------------------------------------------------------------------------
/codespell/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM python:3
2 |
3 | WORKDIR /opt/node
4 | RUN pip install codespell
5 | WORKDIR /vm
6 | ENTRYPOINT ["codespell"]
7 |
--------------------------------------------------------------------------------
/codespell/Makefile:
--------------------------------------------------------------------------------
1 | # These commands must be run from the VictoriaMetrics repository root.
2 |
3 | # Builds spellcheck image.
4 | codespell:
5 | @-docker build codespell -t codespell
6 |
7 | # Runs cspell container commands.
8 | codespell-check: codespell
9 | @-docker run \
10 | --mount type=bind,src="$(PWD)",dst=/vm \
11 | --rm \
12 | codespell -w \
13 | --ignore-words=/vm/codespell/stopwords \
14 | --skip='*/node_modules/*,*/vmdocs/*,*/vendor/*,*.js,*.pb.go,*.qtpl.go' /vm
15 |
--------------------------------------------------------------------------------
/codespell/stopwords:
--------------------------------------------------------------------------------
1 | notin
2 | afterall
3 | statics
4 |
--------------------------------------------------------------------------------
/config/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | namespace: vm
2 | namePrefix: vm-
3 | resources:
4 | - ../default
5 |
--------------------------------------------------------------------------------
/config/certmanager/certificate-metrics.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a metrics certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | apiVersion: cert-manager.io/v1
4 | kind: Certificate
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: vm-operator
8 | app.kubernetes.io/instance: vm-metrics-cert
9 | app.kubernetes.io/component: certificate
10 | app.kubernetes.io/created-by: vm-operator
11 | app.kubernetes.io/part-of: vm-operator
12 | app.kubernetes.io/managed-by: kustomize
13 | name: metrics-certs
14 | namespace: vm
15 | spec:
16 | dnsNames:
17 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
18 | # replacements in the config/default/kustomization.yaml file.
19 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
20 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
21 | issuerRef:
22 | kind: Issuer
23 | name: selfsigned-issuer
24 | secretName: metrics-server-cert
25 |
--------------------------------------------------------------------------------
/config/certmanager/certificate-webhook.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | apiVersion: cert-manager.io/v1
4 | kind: Certificate
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: vm-operator
8 | app.kubernetes.io/instance: vm-serving-cert
9 | app.kubernetes.io/component: certificate
10 | app.kubernetes.io/created-by: vm-operator
11 | app.kubernetes.io/part-of: vm-operator
12 | app.kubernetes.io/managed-by: kustomize
13 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
14 | namespace: system
15 | spec:
16 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
17 | # replacements in the config/default/kustomization.yaml file.
18 | dnsNames:
19 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
20 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
21 | issuerRef:
22 | kind: Issuer
23 | name: selfsigned-issuer
24 | secretName: webhook-server-cert
25 |
--------------------------------------------------------------------------------
/config/certmanager/issuer.yaml:
--------------------------------------------------------------------------------
1 | # The following manifest contains a self-signed issuer CR.
2 | # More information can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: vm-operator
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: vm
12 | spec:
13 | selfSigned: {}
14 |
--------------------------------------------------------------------------------
/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - issuer.yaml
3 | - certificate-metrics.yaml
4 | - certificate-webhook.yaml
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref and var substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | group: apiextensions.k8s.io
8 | path: spec/conversion/webhookClientConfig/service/name
9 | namespace:
10 | - kind: CustomResourceDefinition
11 | group: apiextensions.k8s.io
12 | path: spec/conversion/webhookClientConfig/service/namespace
13 | create: false
14 | varReference:
15 | - path: metadata/annotations
16 |
--------------------------------------------------------------------------------
/config/crd/overlay/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - crd.yaml
3 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vlogs.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vlogs.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmagents.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmagents.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmalertmanagerconfigs.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmalertmanagerconfigs.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmalertmanagers.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmalertmanagers.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmalerts.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmalerts.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmauths.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmauths.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmclusters.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmclusters.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmrules.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmrules.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmsingles.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmsingles.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/cainjection_in_operator_vmusers.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: vmusers.operator.victoriametrics.com
8 |
--------------------------------------------------------------------------------
/config/crd/patches/operator.victoriametrics.com_vlogs.yaml:
--------------------------------------------------------------------------------
1 | - op: add
2 | path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/x-kubernetes-preserve-unknown-fields
3 | value: true
4 | - op: remove
5 | path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties
6 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vlogs.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vlogs.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmagents.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmagents.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmalertmanagerconfigs.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmalertmanagerconfigs.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmalertmanagers.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmalertmanagers.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmalerts.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmalerts.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmauths.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmauths.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmclusters.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmclusters.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmrules.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmrules.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmsingles.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmsingles.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/crd/patches/webhook_in_operator_vmusers.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: vmusers.operator.victoriametrics.com
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: vm
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/config/default-with-webhook/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | - op: add
2 | path: /spec/template/spec/containers/0/args/0
3 | value: --metrics-bind-address=:8443
4 | - op: add
5 | path: /spec/template/spec/containers/0/volumeMounts/-
6 | value:
7 | mountPath: /tmp/k8s-metrics-server/metrics-certs
8 | name: metrics-certs
9 | readOnly: true
10 | - op: add
11 | path: /spec/template/spec/containers/0/args/-
12 | value: --tls.certDir=/tmp/k8s-metrics-server/metrics-certs
13 | - op: add
14 | path: /spec/template/spec/volumes/-
15 | value:
16 | name: metrics-certs
17 | secret:
18 | secretName: metrics-server-cert
19 | optional: false
20 | items:
21 | - key: ca.crt
22 | path: ca.crt
23 | - key: tls.crt
24 | path: tls.crt
25 | - key: tls.key
26 | path: tls.key
27 |
--------------------------------------------------------------------------------
/config/default-with-webhook/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | - op: add
2 | path: /spec/template/spec/containers/0/args/-
3 | value: --webhook.enable
4 | - op: add
5 | path: /spec/template/spec/containers/0/ports/-
6 | value:
7 | containerPort: 9443
8 | name: webhook-server
9 | protocol: TCP
10 | - op: add
11 | path: /spec/template/spec/containers/0/args/-
12 | value: --webhook.certDir=/tmp/k8s-webhook-server/serving-certs
13 | - op: add
14 | path: /spec/template/spec/containers/0/volumeMounts/-
15 | value:
16 | mountPath: /tmp/k8s-webhook-server/serving-certs
17 | name: webhook-certs
18 | readOnly: true
19 | - op: add
20 | path: /spec/template/spec/volumes/-
21 | value:
22 | name: webhook-certs
23 | secret:
24 | secretName: webhook-server-cert
25 |
--------------------------------------------------------------------------------
/config/default-with-webhook/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: ValidatingWebhookConfiguration
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: validatingwebhookconfiguration
7 | app.kubernetes.io/instance: validating-webhook-configuration
8 | app.kubernetes.io/component: webhook
9 | app.kubernetes.io/created-by: vm-operator
10 | app.kubernetes.io/part-of: vm-operator
11 | app.kubernetes.io/managed-by: kustomize
12 | name: validating-webhook-configuration
13 | annotations:
14 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
15 |
--------------------------------------------------------------------------------
/config/default/kustomization.yaml:
--------------------------------------------------------------------------------
1 | namespace: vm
2 | resources:
3 | - ../crd/overlay
4 | - ../rbac
5 | - ../manager
6 | - ../network-policy
7 | - metrics_service.yaml
8 | patches:
9 | - path: manager_metrics_patch.yaml
10 | target:
11 | kind: Deployment
12 |
--------------------------------------------------------------------------------
/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint securely
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/-
4 | value: --metrics-bind-address=:8080
5 |
--------------------------------------------------------------------------------
/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | # deprecated, could not be removed because of deployment match selector immutability
6 | control-plane: vm-operator
7 |
8 | app.kubernetes.io/instance: default
9 | app.kubernetes.io/name: victoria-metrics-operator
10 | app.kubernetes.io/managed-by: kustomize
11 | name: operator-metrics-service
12 | namespace: vm
13 | spec:
14 | ports:
15 | - name: http
16 | port: 8080
17 | protocol: TCP
18 | targetPort: 8080
19 | selector:
20 | control-plane: vm-operator
21 |
--------------------------------------------------------------------------------
/config/examples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## This file is auto-generated, do not modify ##
2 | resources:
3 | - vmagent_rbac.yaml
4 | - vmagent.yaml
5 | - vmalert.yaml
6 | - vmalertmanager.yaml
7 | - vmpodscrape.yaml
8 | - vmrule.yaml
9 | - vmservicescrape.yaml
10 | - vmsingle.yaml
11 | - vmsingle_with_pvc.yaml
12 | - vmcluster.yaml
13 | - vmprobe.yaml
14 | - vmuser_cluster_tenant.yaml
15 | - vmauth.yaml
16 | - vmnodescrape.yaml
17 | - vmalertmanager_config.yaml
18 | - vmstaticscrape.yaml
19 | - vmscrapeconfig.yaml
20 | - vlogs.yaml
21 |
--------------------------------------------------------------------------------
/config/examples/vlcluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1
2 | kind: VLCluster
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: victoriametrics-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: example
8 | spec:
9 | vlinsert:
10 | replicaCount: 1
11 | vlselect:
12 | replicaCount: 1
13 | vlstorage:
14 | retentionPeriod: "1y"
15 | replicaCount: 2
16 | storage:
17 | volumeClaimTemplate:
18 | spec:
19 | resources:
20 | requests:
21 | storage: 50Gi
22 | requestsLoadBalancer:
23 | enabled: true
24 | spec: {}
25 |
--------------------------------------------------------------------------------
/config/examples/vlogs.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VLogs
3 | metadata:
4 | name: example
5 | spec:
6 | # Add fields here
7 | retentionPeriod: "2"
8 |
--------------------------------------------------------------------------------
/config/examples/vlsingle.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1
2 | kind: VLSingle
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: victoriametrics-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: sample
8 | spec:
9 | retentionPeriod: 1y
10 | retentionMaxDiskSpaceUsageBytes: 20GB
11 | storage:
12 | resources:
13 | requests:
14 | storage: 50Gi
15 |
--------------------------------------------------------------------------------
/config/examples/vmagent-stream-aggr.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: stream-aggregation
5 | spec:
6 | selectAllByDefault: true
7 | image:
8 | tag: v1.89.1
9 | replicaCount: 1
10 | resources:
11 | limits:
12 | cpu: "500m"
13 | memory: "750Mi"
14 | requests:
15 | cpu: "150m"
16 | memory: "250Mi"
17 | remoteWrite:
18 | - url: "http://vmsingle-example-vmsingle.default.svc:8429/api/v1/write"
19 | streamAggrConfig:
20 | rules:
21 | - match: '{__name__=~"request_duration_seconds|response_size_bytes"}'
22 | interval: 30s
23 | outputs: ["quantiles(0.50, 0.99)"]
24 |
--------------------------------------------------------------------------------
/config/examples/vmagent.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: sample
5 | spec:
6 | selectAllByDefault: true
7 | replicaCount: 1
8 | resources:
9 | requests:
10 | cpu: "50m"
11 | memory: "350Mi"
12 | limits:
13 | cpu: "500m"
14 | memory: "850Mi"
15 | extraArgs:
16 | memory.allowedPercent: "40"
17 | remoteWrite:
18 | - url: "http://vmsingle-dc-1.default.svc:8429/api/v1/write"
19 | maxDiskUsage: 10GB
20 | - url: "http://vmsingle-dc-2.default.svc:8429/api/v1/write"
21 | maxDiskUsage: 15GB
22 | - url: "http://vminsert-main.default.svc:8480/insert/1:1/prometheus/api/v1/write"
23 | remoteWriteSettings:
24 | # ~ 5GB in bytes
25 | maxDiskUsagePerURL: 5GB
26 |
--------------------------------------------------------------------------------
/config/examples/vmagent_daemonset.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: per-node
5 | spec:
6 | selectAllByDefault: true
7 | resources:
8 | requests:
9 | cpu: "50m"
10 | memory: "350Mi"
11 | limits:
12 | cpu: "500m"
13 | memory: "850Mi"
14 | daemonSetMode: true
15 | useVMConfigReloader: true
16 | remoteWrite:
17 | - url: "http://vmsingle-dc-1.default.svc:8429/api/v1/write"
18 | maxDiskUsage: 5GB
19 | remoteWriteSettings:
20 | tmpDataPath: "/opt/queue"
21 | volumes:
22 | - name: persistent-queue
23 | hostPath:
24 | path: /opt/mnt/vmagent-queue
25 | volumeMounts:
26 | - mountPath: /opt/queue
27 | name: persistent-queue
28 |
--------------------------------------------------------------------------------
/config/examples/vmagent_ingest_only.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: ingest-only
5 | spec:
6 | selectAllByDefault: false
7 | ingestOnlyMode: true
8 | remoteWrite:
9 | - url: http://vmsingle-example:8429/api/v1/write
10 | ---
11 | apiVersion: operator.victoriametrics.com/v1beta1
12 | kind: VMAgent
13 | metadata:
14 | name: ingest-only-stateful
15 | spec:
16 | selectAllByDefault: false
17 | statefulMode: true
18 | ingestOnlyMode: true
19 | remoteWrite:
20 | - url: http://vmsingle-example:8429/api/v1/write
21 | inlineUrlRelabelConfig:
22 | - target_label: my_label
23 | replacement: "test"
24 | streamAggrConfig:
25 | rules:
26 | - match: 'http_request_duration_seconds_bucket'
27 | interval: 5m
28 | without: [instance]
29 | outputs: [total]
30 |
--------------------------------------------------------------------------------
/config/examples/vmagent_rbac.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: vmagent
5 | namespace: vm
6 | ---
7 | apiVersion: rbac.authorization.k8s.io/v1
8 | kind: ClusterRole
9 | metadata:
10 | name: vmagent
11 | rules:
12 | - apiGroups: ["", "networking.k8s.io", "extensions", "discovery.k8s.io"]
13 | resources:
14 | - nodes
15 | - nodes/metrics
16 | - services
17 | - endpoints
18 | - endpointslices
19 | - pods
20 | - ingresses
21 | verbs: ["get", "list", "watch"]
22 | - apiGroups: [""]
23 | resources:
24 | - namespaces
25 | - configmaps
26 | verbs: ["get"]
27 | - nonResourceURLs: ["/metrics", "/metrics/resources","/metrics/slis"]
28 | verbs: ["get"]
29 | - apiGroups:
30 | - route.openshift.io
31 | - image.openshift.io
32 | resources:
33 | - routers/metrics
34 | - registry/metrics
35 | verbs:
36 | - get
37 | ---
38 | apiVersion: rbac.authorization.k8s.io/v1
39 | kind: ClusterRoleBinding
40 | metadata:
41 | name: vmagent
42 | roleRef:
43 | apiGroup: rbac.authorization.k8s.io
44 | kind: ClusterRole
45 | name: vmagent
46 | subjects:
47 | - kind: ServiceAccount
48 | name: vmagent
49 | namespace: vm
50 | ---
51 |
52 |
--------------------------------------------------------------------------------
/config/examples/vmagent_reloadauth.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: example-reload-auth
5 | spec:
6 | selectAllByDefault: true
7 | replicaCount: 1
8 | useVMConfigReloader: true
9 | configReloaderImageTag: victoriametrics/operator:config-reloader-v0.57.0
10 | configReloadAuthKeySecret:
11 | name: reload-key
12 | key: RELOAD_AUTH_KEY
13 | remoteWrite:
14 | - url: "http://vmsingle-example-vmsingle-pvc.default.svc:8429/api/v1/write"
15 | ---
16 | apiVersion: v1
17 | kind: Secret
18 | metadata:
19 | name: reload-key
20 | stringData:
21 | RELOAD_AUTH_KEY: some-secret-key-value
22 |
--------------------------------------------------------------------------------
/config/examples/vmagent_shard_vmauth_routing.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: main
5 | spec:
6 | selectAllByDefault: true
7 | replicaCount: 1
8 | statefulMode: true
9 | shardCount: 2
10 | extraArgs:
11 | # adjust template domain name if needed
12 | promscrape.cluster.memberURLTemplate: 'http://localhost:8427/vmagent/shard/%d/targets'
13 | remoteWrite:
14 | - url: "http://vmsingle-vms-victoria-metrics-k8s-stack.default.svc:8429/api/v1/write"
15 | ---
16 | apiVersion: operator.victoriametrics.com/v1beta1
17 | kind: VMAuth
18 | metadata:
19 | name: expose-vmagent-ui
20 | spec:
21 | selectAllByDefault: false
22 | useCustomConfigRealoder: false
23 | unauthorizedUserAccessSpec:
24 | url_map:
25 | # manually keep in sync shardCount and url_map entries per shard
26 | - src_paths: ["/vmagent/shard/0/.*"]
27 | url_prefix: http://vmagent-main-0-0.vmagent-main.default.svc:8429
28 | drop_src_path_prefix_parts: 3
29 | - src_paths: ["/vmagent/shard/1/.*"]
30 | url_prefix: http://vmagent-main-1-0.vmagent-main.default.svc:8429
31 | drop_src_path_prefix_parts: 3
32 | - src_paths: ["/.*"]
33 | url_prefix:
34 | - http://vmagent-main.default.svc:8429
35 |
--------------------------------------------------------------------------------
/config/examples/vmagent_stateful_with_sharding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | name: example-vmagent-persisted
5 | spec:
6 | selectAllByDefault: true
7 | scrapeInterval: 30s
8 | # 3 shards with 2 replicas at each shard
9 | shardCount: 3
10 | replicaCount: 2
11 | # or RollingUpdate
12 | statefulRollingUpdateStrategy: OnDelete
13 | statefulMode: true
14 | statefulStorage:
15 | volumeClaimTemplate:
16 | spec:
17 | resources:
18 | requests:
19 | storage: 50Gi
20 | resources:
21 | limits:
22 | cpu: "500m"
23 | memory: "750Mi"
24 | requests:
25 | cpu: "500m"
26 | memory: "750Mi"
27 | remoteWrite:
28 | - url: "http://vmsingle-example-vmsingle.default.svc:8429/api/v1/write"
29 |
--------------------------------------------------------------------------------
/config/examples/vmalert.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAlert
3 | metadata:
4 | name: example-vmalert
5 | spec:
6 | # Add fields here
7 | replicaCount: 1
8 | datasource:
9 | url: "http://vmsingle-example-vmsingle-pvc.default.svc:8429"
10 | notifier:
11 | url: "http://vmalertmanager-example-alertmanager.default.svc:9093"
12 | evaluationInterval: "30s"
13 | selectAllByDefault: true
14 |
--------------------------------------------------------------------------------
/config/examples/vmalertmanager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Secret
3 | metadata:
4 | name: vmalertmanager-example-alertmanager
5 | labels:
6 | app: vm-operator
7 | type: Opaque
8 | stringData:
9 | alertmanager.yaml: |
10 | global:
11 | resolve_timeout: 5m
12 | route:
13 | group_by: ['job']
14 | group_wait: 30s
15 | group_interval: 5m
16 | repeat_interval: 12h
17 | receiver: 'webhook'
18 | receivers:
19 | - name: 'webhook'
20 | webhook_configs:
21 | - url: 'http://alertmanagerwh:30500/'
22 | ---
23 | apiVersion: operator.victoriametrics.com/v1beta1
24 | kind: VMAlertmanager
25 | metadata:
26 | name: example-alertmanager
27 | spec:
28 | replicaCount: 2
29 | configSecret: vmalertmanager-example-alertmanager
30 | selectAllByDefault: true
31 | storage:
32 | volumeClaimTemplate:
33 | spec:
34 | resources:
35 | requests:
36 | storage: 2Gi
37 |
38 |
--------------------------------------------------------------------------------
/config/examples/vmalertmanager_config-full.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAlertmanagerConfig
3 | metadata:
4 | name: example-full
5 | namespace: vm
6 | spec:
7 | inhibit_rules:
8 | - equal:
9 | - job = "vmalertmanager"
10 | target_matchers:
11 | - instance != "prod"
12 | source_matchers:
13 | - pod = "alertmanager-1"
14 | route:
15 | routes:
16 | - receiver: webhook
17 | continue: true
18 | receiver: email
19 | group_by: ["job"]
20 | continue: false
21 | matchers:
22 | - job = "alertmanager"
23 | group_wait: 30s
24 | group_interval: 45s
25 | repeat_interval: 1h
26 | mute_time_intervals:
27 | - name: base
28 | time_intervals:
29 | - times:
30 | - start_time: 11:05
31 | end_time: 11:15
32 | - start_time: 12:35
33 | end_time: 13:45
34 | weekdays: ["monday:wednesday"]
35 | days_of_month: ["-3:-1"]
36 | months: ["1", "july"]
37 | years: ["2021"]
38 | receivers:
39 | - name: webhook
40 | webhook_configs:
41 | - url: http://some-other-wh-2
42 | - name: email
43 | email_configs:
44 | - to: some-email@example.com
45 | from: alerting@example.com
46 | smarthost: example.com:25
47 | text: ALARM
48 | webhook_configs:
49 | - url: http://some-other-wh
50 | pagerduty_configs: []
51 | pushover_configs: []
52 | slack_configs: []
53 | opsgenie_configs: []
54 | victorops_configs: []
55 | wechat_configs: []
56 |
--------------------------------------------------------------------------------
/config/examples/vmalertmanager_config.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAlertmanagerConfig
3 | metadata:
4 | name: example-email-web
5 | spec:
6 | route:
7 | receiver: email
8 | group_interval: 1m
9 | routes:
10 | - receiver: email
11 | receivers:
12 | - name: email
13 | email_configs:
14 | - to: some-email@example.com
15 | from: alerting@example.com
16 | smarthost: example.com:25
17 | text: ALARM
18 | webhook_configs:
19 | - url: http://some-other-wh
20 |
--------------------------------------------------------------------------------
/config/examples/vmauth.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAuth
3 | metadata:
4 | name: vmauth-sample
5 | spec:
6 | selectAllByDefault: true
7 | # userSelector:
8 | # matchLabels:
9 | # managed-by: vm-operator
10 | # matchExpressions:
11 | # - operator: Exists
12 | # key: name
13 | # userNamespaceSelector:
14 | # matchLabels:
15 | # managed-by: vm-operator
16 | # matchExpressions:
17 | # - operator: Exists
18 | # key: name
19 | image:
20 | repository: victoriametrics/vmauth
21 | pullPolicy: IfNotPresent
22 | replicaCount: 1
23 | resources:
24 | requests:
25 | cpu: "250m"
26 | memory: "350Mi"
27 | limits:
28 | cpu: "500m"
29 | memory: "850Mi"
30 |
--------------------------------------------------------------------------------
/config/examples/vmauth_cert_manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAuth
3 | metadata:
4 | name: router-main
5 | spec:
6 | podMetadata:
7 | labels:
8 | component: vmauth
9 | userSelector: {}
10 | userNamespaceSelector: {}
11 | replicaCount: 2
12 | resources:
13 | requests:
14 | cpu: "250m"
15 | memory: "350Mi"
16 | limits:
17 | cpu: "500m"
18 | memory: "850Mi"
19 | ingress:
20 | tlsSecretName: vmauth-tls
21 | annotations:
22 | cert-manager.io/cluster-issuer: base
23 | class_name: nginx
24 | tlsHosts:
25 | - vm-access.example.com
26 |
--------------------------------------------------------------------------------
/config/examples/vmauth_unmanaged.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAuth
3 | metadata:
4 | name: with-external-config
5 | spec:
6 | configSecret: "external-auth"
7 | ---
8 | apiVersion: v1
9 | kind: Secret
10 | metadata:
11 | name: "external-auth"
12 | stringData:
13 | config.yaml: |
14 | unauthorized_user:
15 | url_prefix: "http://backend/"
16 |
--------------------------------------------------------------------------------
/config/examples/vmauth_with_unauthorized_access.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAuth
3 | metadata:
4 | name: vmauth-sample
5 | spec:
6 | userSelector: {}
7 | userNamespaceSelector: {}
8 | image:
9 | repository: victoriametrics/vmauth
10 | #tag: v1.91.0-enterprise
11 | pullPolicy: IfNotPresent
12 | replicaCount: 1
13 | resources:
14 | requests:
15 | cpu: "250m"
16 | memory: "350Mi"
17 | limits:
18 | cpu: "500m"
19 | memory: "850Mi"
20 | unauthorizedUserAccessSpec:
21 | url_map:
22 | - src_paths:
23 | - /*
24 | url_prefix:
25 | - http://vmsingle:8429/
26 | - http://vmsingle-2:8429/
27 |
--------------------------------------------------------------------------------
/config/examples/vmcluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMCluster
3 | metadata:
4 | name: example-vmcluster-persistent
5 | spec:
6 | retentionPeriod: "4"
7 | replicationFactor: 2
8 | vmstorage:
9 | replicaCount: 2
10 | storageDataPath: "/vm-data"
11 | storage:
12 | volumeClaimTemplate:
13 | spec:
14 | resources:
15 | requests:
16 | storage: 10Gi
17 | resources:
18 | limits:
19 | cpu: "1"
20 | memory: 1500Mi
21 | vmselect:
22 | replicaCount: 2
23 | cacheMountPath: "/select-cache"
24 | storage:
25 | volumeClaimTemplate:
26 | spec:
27 | resources:
28 | requests:
29 | storage: 2Gi
30 | resources:
31 | limits:
32 | cpu: "1"
33 | memory: "1000Mi"
34 | requests:
35 | cpu: "0.5"
36 | memory: "500Mi"
37 | vminsert:
38 | replicaCount: 2
39 | resources:
40 | limits:
41 | cpu: "1"
42 | memory: 1000Mi
43 | requests:
44 | cpu: "0.5"
45 | memory: "500Mi"
46 |
--------------------------------------------------------------------------------
/config/examples/vmcluster_loadbalancer.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMCluster
3 | metadata:
4 | name: with-balanacer
5 | spec:
6 | retentionPeriod: "4"
7 | replicationFactor: 1
8 | requestsLoadBalancer:
9 | enabled: true
10 | spec:
11 | replicaCount: 2
12 | resources:
13 | limits:
14 | cpu: "0.5"
15 | memory: "512Mi"
16 | requests:
17 | cpu: "0.2"
18 | memory: "256Mi"
19 |
20 | vmstorage:
21 | replicaCount: 2
22 | storageDataPath: "/vm-data"
23 | storage:
24 | volumeClaimTemplate:
25 | spec:
26 | resources:
27 | requests:
28 | storage: 10Gi
29 | resources:
30 | limits:
31 | cpu: "1"
32 | memory: 1500Mi
33 | vmselect:
34 | replicaCount: 2
35 | resources:
36 | limits:
37 | cpu: "1"
38 | memory: "1000Mi"
39 | requests:
40 | cpu: "0.5"
41 | memory: "500Mi"
42 | vminsert:
43 | replicaCount: 2
44 | resources:
45 | limits:
46 | cpu: "1"
47 | memory: 1000Mi
48 | requests:
49 | cpu: "0.5"
50 | memory: "500Mi"
51 |
--------------------------------------------------------------------------------
/config/examples/vmcluster_storage_class_unexpandable.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMCluster
3 | metadata:
4 | name: example-vmcluster-persistent
5 | spec:
6 | retentionPeriod: "4"
7 | replicationFactor: 2
8 | vmstorage:
9 | replicaCount: 2
10 | storageDataPath: "/vm-data"
11 | storage:
12 | volumeClaimTemplate:
13 | metadata:
14 | annotations:
15 | operator.victoriametrics.com/pvc-allow-volume-expansion: "false"
16 | spec:
17 | storageClassName: sc-immutable
18 | resources:
19 | requests:
20 | storage: 10Gi
21 | vmselect:
22 | replicaCount: 2
23 | cacheMountPath: "/select-cache"
24 | storage:
25 | volumeClaimTemplate:
26 | metadata:
27 | annotations:
28 | operator.victoriametrics.com/pvc-allow-volume-expansion: "false"
29 | spec:
30 | storageClassName: sc-mutable
31 | resources:
32 | requests:
33 | storage: 2Gi
34 | vminsert:
35 | replicaCount: 2
36 |
--------------------------------------------------------------------------------
/config/examples/vmcluster_with_additional_claim.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMCluster
3 | metadata:
4 | name: example-vmcluster-persistent
5 | spec:
6 | retentionPeriod: "4"
7 | replicationFactor: 2
8 | vmstorage:
9 | replicaCount: 2
10 | containers:
11 | - name: my-custom-backup-image
12 | volumeMounts:
13 | - name: vmbackup-dir
14 | mountPath: /opt/backups
15 | claimTemplates:
16 | - matedata:
17 | name: vmbackup-dir
18 | spec:
19 | resources:
20 | requests:
21 | storage: 50Gi
22 | storageDataPath: "/vm-data"
23 | storage:
24 | volumeClaimTemplate:
25 | spec:
26 | resources:
27 | requests:
28 | storage: 10Gi
29 | resources:
30 | limits:
31 | cpu: "1"
32 | memory: 1500Mi
33 | vmselect:
34 | replicaCount: 2
35 | claimTemplates: []
36 | cacheMountPath: "/select-cache"
37 | storage:
38 | volumeClaimTemplate:
39 | spec:
40 | resources:
41 | requests:
42 | storage: 2Gi
43 | resources:
44 | limits:
45 | cpu: "1"
46 | memory: "1000Mi"
47 | requests:
48 | cpu: "0.5"
49 | memory: "500Mi"
50 | vminsert:
51 | replicaCount: 2
52 | resources:
53 | limits:
54 | cpu: "1"
55 | memory: 1000Mi
56 | requests:
57 | cpu: "0.5"
58 | memory: "500Mi"
59 |
--------------------------------------------------------------------------------
/config/examples/vmcluster_with_backuper.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Secret
3 | metadata:
4 | name: remote-storage-keys
5 | labels:
6 | app: vm-operator
7 | type: Opaque
8 | stringData:
9 | credentials.json: |-
10 | {
11 | "type": "service_account",
12 | "project_id": "project-id",
13 | "private_key_id": "key-id",
14 | "private_key": "-----BEGIN PRIVATE KEY-----\nprivate-key\n-----END PRIVATE KEY-----\n",
15 | "client_email": "service-account-email",
16 | "client_id": "client-id",
17 | "auth_uri": "https://accounts.google.com/o/oauth2/auth",
18 | "token_uri": "https://accounts.google.com/o/oauth2/token",
19 | "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
20 | "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account-email"
21 | }
22 | ---
23 | apiVersion: operator.victoriametrics.com/v1beta1
24 | kind: VMCluster
25 | metadata:
26 | name: example-vmcluster-persistent
27 | spec:
28 | # Add fields here
29 | retentionPeriod: "4"
30 | replicationFactor: 2
31 | vmstorage:
32 | replicaCount: 2
33 | storageDataPath: "/vm-data"
34 | storage:
35 | volumeClaimTemplate:
36 | spec:
37 | resources:
38 | requests:
39 | storage: 10Gi
40 | resources:
41 | limits:
42 | cpu: "0.5"
43 | memory: 500Mi
44 | vmBackup:
45 | acceptEULA: true
46 | destination: "gcs://bucket/path/to/backup/dir"
47 | concurrency: 5
48 | credentialsSecret:
49 | name: remote-storage-keys
50 | key: credentials.json
51 | vmselect:
52 | replicaCount: 2
53 | cacheMountPath: "/select-cache"
54 | storage:
55 | volumeClaimTemplate:
56 | spec:
57 | resources:
58 | requests:
59 | storage: 2Gi
60 | resources:
61 | limits:
62 | cpu: "0.3"
63 | memory: "300Mi"
64 | vminsert:
65 | replicaCount: 2
66 |
--------------------------------------------------------------------------------
/config/examples/vmcluster_with_service_override.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMCluster
3 | metadata:
4 | name: example-service-change
5 | spec:
6 | retentionPeriod: "4"
7 | replicationFactor: 2
8 | vmstorage:
9 | replicaCount: 2
10 | containers:
11 | - name: my-side-car
12 | ports:
13 | - name: extra-port
14 | containerPort: 8055
15 | serviceSpec:
16 | # expose additional port with default service
17 | useAsDefault: true
18 | spec:
19 | ports:
20 | - name: extra-port
21 | port: 8055
22 | storageDataPath: "/vm-data"
23 | storage:
24 | volumeClaimTemplate:
25 | spec:
26 | resources:
27 | requests:
28 | storage: 10Gi
29 | resources:
30 | limits:
31 | cpu: "1"
32 | memory: 1500Mi
33 | vmselect:
34 | replicaCount: 2
35 | cacheMountPath: "/select-cache"
36 | storage:
37 | volumeClaimTemplate:
38 | spec:
39 | resources:
40 | requests:
41 | storage: 2Gi
42 | vminsert:
43 | replicaCount: 2
44 | serviceSpec:
45 | metadata:
46 | annotations:
47 | my-cloud-provide-annotation: value
48 | useAsDefault: true
49 | spec:
50 | type: LoadBalancer
51 | resources:
52 | limits:
53 | cpu: "1"
54 | memory: 1000Mi
55 | requests:
56 | cpu: "0.5"
57 | memory: "500Mi"
58 |
--------------------------------------------------------------------------------
/config/examples/vmnodescrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMNodeScrape
3 | metadata:
4 | name: cadvisor-metrics
5 | spec:
6 | scheme: "https"
7 | interval: "10s"
8 | scrapeTimeout: "2s"
9 | selector: {}
10 | tlsConfig:
11 | insecureSkipVerify: true
12 | caFile: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
13 | bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token"
14 | relabelConfigs:
15 | - action: labelmap
16 | regex: __meta_kubernetes_node_label_(.+)
17 | - targetLabel: __address__
18 | replacement: kubernetes.default.svc:443
19 | - sourceLabels: [__meta_kubernetes_node_name]
20 | regex: (.+)
21 | targetLabel: __metrics_path__
22 | replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
23 |
--------------------------------------------------------------------------------
/config/examples/vmpodscrape-full.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMPodScrape
3 | metadata:
4 | name: example-pod-scrape
5 | spec:
6 | jobLabel: job
7 | podTargetLabels: ["app"]
8 | podMetricsEndpoints:
9 | - port: metrics
10 | scheme: http
11 | targetPort: metrics
12 | path: /metrics
13 | interval: 20s
14 | scrapeTimeout: 2s
15 | honorLabels: false
16 | honorTimestamps: false
17 | relabelConfigs:
18 | - sourceLabels: ["__address__"]
19 | targetLabel: addr
20 | metricRelabelConfigs:
21 | - sourceLabels: ["__address__"]
22 | targetLabel: addr
23 | namespaceSelector:
24 | any: false
25 | matchNames: ["kube-system"]
26 | selector:
27 | matchLabels:
28 | monitored-by: vm-operator
29 | app.kubernetes.io/name: example-application
30 |
--------------------------------------------------------------------------------
/config/examples/vmpodscrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMPodScrape
3 | metadata:
4 | name: example-pod-scrape
5 | spec:
6 | podMetricsEndpoints:
7 | - port: metrics
8 | scheme: http
9 | selector:
10 | matchLabels:
11 | monitored-by: vm-operator
12 | app.kubernetes.io/name: example-application
13 |
--------------------------------------------------------------------------------
/config/examples/vmpodscrape_sd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMPodScrape
3 | metadata:
4 | name: annotations-discovery
5 | spec:
6 | # use well-known kubernetes label for job
7 | # otherwise any discovered target will have annotations-discovery as a job
8 | jobLabel: "app.kubernetes.io/name"
9 | podMetricsEndpoints:
10 | - relabelConfigs:
11 | # Skip scrape for init containers
12 | - action: drop
13 | source_labels: [__meta_kubernetes_pod_container_init]
14 | regex: "true"
15 | # Match container port with port from annotation
16 | - action: keep_if_equal
17 | source_labels:
18 | [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_container_port_number]
19 | # Check if scrape is enabled
20 | - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
21 | action: keep
22 | regex: "true"
23 | # Set scrape path
24 | - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
25 | action: replace
26 | target_label: __metrics_path__
27 | - source_labels: [__meta_kubernetes_pod_node_name]
28 | action: replace
29 | target_label: node
30 | namespaceSelector: {} # You need to specify namespaceSelector here
31 | selector: {} # You need to specify selector here
32 |
--------------------------------------------------------------------------------
/config/examples/vmprobe.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMProbe
3 | metadata:
4 | name: probe-agent
5 | spec:
6 | jobName: static-probe
7 | vmProberSpec:
8 | # by default scheme http, and path is /probe
9 | url: prometheus-blackbox-exporter.default.svc:9115
10 | module: http_2xx
11 | targets:
12 | staticConfig:
13 | targets:
14 | - vmagent-example-vmagent.default.svc:8429/health
15 | interval: 2s
16 |
--------------------------------------------------------------------------------
/config/examples/vmrule.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMRule
3 | metadata:
4 | name: example-vmrule
5 | spec:
6 | groups:
7 | - name: kafka
8 | rules:
9 | - alert: coordinator down
10 | expr: ml_app_gauge{exec_context="consumer_group_state"} == 0
11 | for: 60s
12 | labels:
13 | severity: critical
14 | job: "{{ $labels.job }}"
15 | annotations:
16 | value: "{{ $value }}"
17 | description: 'kafka coorinator is down'
18 |
--------------------------------------------------------------------------------
/config/examples/vmscrapeconfig.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMScrapeConfig
3 | metadata:
4 | name: mongodb
5 | spec:
6 | consulSDConfigs:
7 | - server: https://consul-dns:8500
8 | services:
9 | - mongodb
10 | relabelConfigs:
11 | - action: replace
12 | sourceLabels:
13 | - __meta_consul_service
14 | targetLabel: job
15 |
--------------------------------------------------------------------------------
/config/examples/vmservicescrape-full.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMServiceScrape
3 | metadata:
4 | name: example-scrape
5 | spec:
6 | discoveryRole: "endpoints"
7 | jobLabel: job
8 | targetLabels: []
9 | podTargetLabels: []
10 | endpoints:
11 | - port: http
12 | targetPort: http
13 | path: /metrics
14 | scheme: http
15 | scrapeTimeout: 2s
16 | metricRelabelConfigs:
17 | - sourceLabels: ["__address__"]
18 | targetLabel: addr
19 | relabelConfigs:
20 | - sourceLabels: ["__address__"]
21 | regex: .+:(.+)
22 | replacement: $1
23 | targetLabel: addr_port
24 | namespaceSelector:
25 | any: false
26 | matchNames: ["kube-system"]
27 | selector:
28 | matchLabels:
29 | app.kubernetes.io/name: example-application
30 | monitored-by: vm-operator
31 |
--------------------------------------------------------------------------------
/config/examples/vmservicescrape-metrics-server.yml:
--------------------------------------------------------------------------------
1 | # Scrape Metrics Server
2 | # Cluster-wide aggregator of resource usage data.
3 | # https://github.com/kubernetes-sigs/metrics-server
4 | ---
5 | apiVersion: operator.victoriametrics.com/v1beta1
6 | kind: VMServiceScrape
7 | metadata:
8 | name: metrics-server
9 | namespace: vm
10 | spec:
11 | namespaceSelector:
12 | matchNames:
13 | - kube-system
14 | selector:
15 | matchLabels:
16 | kubernetes.io/name: Metrics-server
17 | endpoints:
18 | - port: 443
19 | scheme: https
20 | tlsConfig:
21 | insecureSkipVerify: true
22 | caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
23 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
24 | ---
25 | apiVersion: rbac.authorization.k8s.io/v1
26 | kind: ClusterRole
27 | metadata:
28 | name: view-metrics
29 | rules:
30 | - apiGroups:
31 | - metrics.k8s.io
32 | resources:
33 | - pods
34 | - nodes
35 | verbs:
36 | - get
37 | - list
38 | - watch
39 | - nonResourceURLs: ["/metrics","/metrics/slis"]
40 | verbs: ["get"]
41 | ---
42 | apiVersion: rbac.authorization.k8s.io/v1
43 | kind: ClusterRoleBinding
44 | metadata:
45 | name: view-metrics
46 | roleRef:
47 | apiGroup: rbac.authorization.k8s.io
48 | kind: ClusterRole
49 | name: view-metrics
50 | subjects:
51 | - apiGroup: rbac.authorization.k8s.io
52 | kind: User
53 | name: system:serviceaccount:vm:vmagent
54 |
--------------------------------------------------------------------------------
/config/examples/vmservicescrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMServiceScrape
3 | metadata:
4 | name: example-scrape
5 | spec:
6 | endpoints:
7 | - port: http
8 | namespaceSelector: {}
9 | selector:
10 | matchLabels:
11 | app.kubernetes.io/name: example-application
12 | monitored-by: vm-operator
13 |
--------------------------------------------------------------------------------
/config/examples/vmservicescrape_oauth2_tls.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMServiceScrape
3 | metadata:
4 | name: oauth2-service
5 | spec:
6 | endpoints:
7 | - port: http
8 | oauth2:
9 | client_secret:
10 | key: CLIENT_SECRET
11 | name: oauth2-auth
12 | client_id:
13 | secret:
14 | key: CLIENT_ID
15 | name: oauth2-auth
16 | token_url: "http://oauth2-token.example.com/issue"
17 | tls_config:
18 | insecure_skip_verify: false
19 | ca:
20 | secret:
21 | key: CA
22 | name: oauth2-tls-access
23 | cert:
24 | secret:
25 | key: CERT
26 | name: oauth2-tls-access
27 | key_secret:
28 | key: CERT_KEY
29 | name: oauth2-tls-access
30 | namespaceSelector: {}
31 | selector:
32 | matchLabels:
33 | app.kubernetes.io/name: example-application
34 | monitored-by: vm-operator
35 | ---
36 | apiVersion: v1
37 | kind: Secret
38 | metadata:
39 | name: oauth2-tls-access
40 | stringData:
41 | CA: ca data
42 | CERT: cert data
43 | CERT_KEY: key data
44 | ---
45 | apiVersion: v1
46 | kind: Secret
47 | metadata:
48 | name: oauth2-auth
49 | stringData:
50 | CLIENT_SECRET: some-secret
51 | CLIENT_ID: some-id
52 |
--------------------------------------------------------------------------------
/config/examples/vmservicescrape_service_sd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMServiceScrape
3 | metadata:
4 | name: annotations-discovery
5 | spec:
6 | # use well-known kubernetes label for job
7 | # otherwise any discovered target will have annotations-discovery as a job
8 | jobLabel: "app.kubernetes.io/name"
9 | endpoints:
10 | - relabelConfigs:
11 | # Skip scrape for init containers
12 | - action: drop
13 | source_labels: [__meta_kubernetes_pod_container_init]
14 | regex: "true"
15 | # Match container port with port from annotation
16 | - action: keep_if_equal
17 | source_labels:
18 | [__meta_kubernetes_service_annotation_prometheus_io_port, __meta_kubernetes_pod_container_port_number]
19 | # Check if scrape is enabled
20 | - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
21 | action: keep
22 | regex: "true"
23 | # Set scrape path
24 | - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
25 | action: replace
26 | target_label: __metrics_path__
27 | - source_labels: [__meta_kubernetes_pod_node_name]
28 | action: replace
29 | target_label: node
30 | namespaceSelector: {} # You need to specify namespaceSelector here
31 | selector: {} # You need to specify selector here
32 |
33 |
--------------------------------------------------------------------------------
/config/examples/vmsingle-stream-aggr.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMSingle
3 | metadata:
4 | name: streaming-aggr
5 | spec:
6 | image:
7 | tag: v1.89.1
8 | retentionPeriod: "1"
9 | streamAggrConfig:
10 | keepInput: false
11 | dedupInterval: 1m
12 | rules:
13 | - match: '{__name__=~"request_duration_seconds|response_size_bytes"}'
14 | interval: 30s
15 | outputs: ["quantiles(0.50, 0.99)"]
16 |
--------------------------------------------------------------------------------
/config/examples/vmsingle.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMSingle
3 | metadata:
4 | name: example-vmsingle
5 | spec:
6 | # Add fields here
7 | retentionPeriod: "1"
8 |
--------------------------------------------------------------------------------
/config/examples/vmsingle_with_backuper.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Secret
3 | metadata:
4 | name: remote-storage-keys
5 | labels:
6 | app: vm-operator
7 | type: Opaque
8 | stringData:
9 | credentials: |-
10 | [default]
11 | aws_access_key_id = your_access_key_id
12 | aws_secret_access_key = your_secret_access_key
13 | ---
14 | apiVersion: operator.victoriametrics.com/v1beta1
15 | kind: VMSingle
16 | metadata:
17 | name: example-vmsingle
18 | spec:
19 | # Add fields here
20 | retentionPeriod: "1"
21 | vmBackup:
22 | acceptEULA: true
23 | destination: "s3://bucket/path/to/backup/dir"
24 | credentialsSecret:
25 | name: remote-storage-keys
26 | key: credentials
27 |
--------------------------------------------------------------------------------
/config/examples/vmsingle_with_pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMSingle
3 | metadata:
4 | name: example-vmsingle-pvc
5 | spec:
6 | # Add fields here
7 | retentionPeriod: "1"
8 | removePvcAfterDelete: true
9 | storage:
10 | accessModes:
11 | - ReadWriteOnce
12 | resources:
13 | requests:
14 | storage: 1Gi
15 |
--------------------------------------------------------------------------------
/config/examples/vmstaticscrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMStaticScrape
3 | metadata:
4 | name: vmstaticscrape-sample
5 | spec:
6 | jobName: static
7 | targetEndpoints:
8 | - targets: ["192.168.0.1:9100", "196.168.0.50:9100"]
9 | labels:
10 | env: dev
11 | project: operator
12 |
--------------------------------------------------------------------------------
/config/examples/vmuser_cluster_ref.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMUser
3 | metadata:
4 | name: cluster-access-ro
5 | namespace: default
6 | spec:
7 | username: simple-user
8 | password: simple-password
9 | disable_secret_creation: true
10 | targetRefs:
11 | - crd:
12 | kind: VMCluster/vmselect
13 | name: main
14 | namespace: default
15 | paths: ["/select.*"]
16 | ---
17 | apiVersion: operator.victoriametrics.com/v1beta1
18 | kind: VMUser
19 | metadata:
20 | name: cluster-access-rw
21 | namespace: default
22 | spec:
23 | username: simple-user
24 | password: simple-password-2
25 | disable_secret_creation: true
26 | targetRefs:
27 | - crd:
28 | kind: VMCluster/vminsert
29 | name: main
30 | namespace: default
31 | paths: ["/insert.*"]
32 | - crd:
33 | kind: VMCluster/vmselect
34 | name: main
35 | namespace: default
36 | paths: [".*"]
37 | ---
38 | apiVersion: operator.victoriametrics.com/v1beta1
39 | kind: VMCluster
40 | metadata:
41 | name: main
42 | namespace: default
43 | spec:
44 | retentionPeriod: "4"
45 | replicationFactor: 1
46 | vminsert:
47 | replicaCount: 1
48 | vmselect:
49 | replicaCount: 1
50 | vmstorage:
51 | replicaCount: 1
52 |
--------------------------------------------------------------------------------
/config/examples/vmuser_cluster_tenant.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMUser
3 | metadata:
4 | name: vmuser-tenant-1
5 | spec:
6 | bearerToken: some-token
7 | targetRefs:
8 | - crd:
9 | kind: VMCluster/vminsert
10 | name: test-persistent
11 | namespace: vm
12 | target_path_suffix: "/insert/1"
13 | - crd:
14 | kind: VMCluster/vmselect
15 | name: test-persistent
16 | namespace: vm
17 | target_path_suffix: "/select/1"
18 | - static:
19 | url: http://vmselect-test-persistent.default.svc:8481/
20 | paths:
21 | - /internal/resetRollupResultCache
22 |
--------------------------------------------------------------------------------
/config/examples/vmuser_with_ip_filters.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMUser
3 | metadata:
4 | name: vmuser-enterprise-1
5 | spec:
6 | bearerToken: some-token
7 | targetRefs:
8 | - static:
9 | urls:
10 | - http://vmselect-test-persistent-0.vmselect-test-persistent.default.svc:8481/
11 | - http://vmselect-test-persistent-0.vmselect-test-persistent.default.svc:8481/
12 | paths:
13 | - /internal/resetRollupResultCache
14 | ip_filters:
15 | deny_list:
16 | - 192.168.0.0/16
17 | allow_list:
18 | - 127.0.0.1
19 | - 10.0.0.0/8
20 | default_url:
21 | - http://error-backend-0:8088/handle_error
22 | - http://error-backend-1:8088/handle_error
23 |
--------------------------------------------------------------------------------
/config/examples/vmusers.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMUser
3 | metadata:
4 | name: vmuser-sample
5 | spec:
6 | username: simple-user
7 | password: simple-password
8 | targetRefs:
9 | - static:
10 | url: http://vmsingle-sample.default.svc:8429
11 | paths: ["/"]
12 | - crd:
13 | kind: VMAgent
14 | name: sample
15 | namespace: default
16 | paths: ["/targets", "/api/v1/targets", "/api/v1/write"]
17 | ---
18 | apiVersion: operator.victoriametrics.com/v1beta1
19 | kind: VMUser
20 | metadata:
21 | name: vmuser-sample-1
22 | spec:
23 | username: simple-user-1
24 | targetRefs:
25 | - static:
26 | url: http://vmsingle-sample.default.svc:8429
27 | paths: ["/"]
28 | - crd:
29 | kind: VMAgent
30 | name: sample
31 | namespace: default
32 | paths: ["/targets", "/api/v1/targets", "/api/v1/write"]
33 | ---
34 | apiVersion: operator.victoriametrics.com/v1beta1
35 | kind: VMUser
36 | metadata:
37 | name: vmuser-sample-2
38 | spec:
39 | bearerToken: access-token
40 | targetRefs:
41 | - static:
42 | url: http://vmsingle-sample.default.svc:8429
43 | paths: ["/"]
44 | - crd:
45 | kind: VMAgent
46 | name: sample
47 | namespace: default
48 | paths: ["/targets", "/api/v1/targets", "/api/v1/write"]
49 | ---
50 | apiVersion: v1
51 | data:
52 | password: YXNmYXNm
53 | kind: Secret
54 | metadata:
55 | name: user-password
56 | type: Opaque
57 | ---
58 | apiVersion: operator.victoriametrics.com/v1beta1
59 | kind: VMUser
60 | metadata:
61 | name: vmuser-sample-2
62 | spec:
63 | passwordRef:
64 | name: user-password
65 | key: password
66 | targetRefs:
67 | - static:
68 | url: http://vmsingle-sample.default.svc:8429
69 | paths: ["/"]
70 | - crd:
71 | kind: VMAgent
72 | name: sample
73 | namespace: default
74 | paths: ["/targets", "/api/v1/targets", "/api/v1/write"]
75 |
--------------------------------------------------------------------------------
/config/kind/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../default-with-webhook
3 |
4 | patches:
5 | - target:
6 | group: apiextensions.k8s.io
7 | version: v1
8 | kind: CustomResourceDefinition
9 | name: v.*
10 | patch: |-
11 | apiVersion: apiextensions.k8s.io/v1
12 | kind: CustomResourceDefinition
13 | metadata:
14 | name: v.*
15 | $patch: delete
16 |
--------------------------------------------------------------------------------
/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 |
--------------------------------------------------------------------------------
/config/manifests/ci.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | packagemanifestClusterVersionLabel: auto
3 | addReviewers: true
4 | reviewers:
5 | - f41gh7
6 | - AndrewChubatiuk
7 | - Haleygo
8 | - victoriametrics-bot
9 | updateGraph: replaces-mode
10 | fbc:
11 | enabled: true
12 | catalog_mapping:
13 | - template_name: v4.12-v4.16.yaml
14 | catalog_names:
15 | - "v4.12"
16 | - "v4.13"
17 | - "v4.14"
18 | - "v4.15"
19 | - "v4.16"
20 | type: olm.template.basic
21 | - template_name: v4.17-v4.18.yaml
22 | catalog_names:
23 | - "v4.17"
24 | - "v4.18"
25 | type: olm.template.basic
26 |
--------------------------------------------------------------------------------
/config/manifests/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../examples
3 | - ../default-with-webhook
4 | - scorecard.yaml
5 | patches:
6 | - patch: |-
7 | $patch: delete
8 | apiVersion: v1
9 | kind: ServiceAccount
10 | metadata:
11 | name: vmagent
12 | namespace: vm
13 | - patch: |-
14 | $patch: delete
15 | apiVersion: rbac.authorization.k8s.io/v1
16 | kind: ClusterRole
17 | metadata:
18 | name: vmagent
19 | - patch: |-
20 | $patch: delete
21 | apiVersion: v1
22 | kind: Secret
23 | metadata:
24 | name: vmalertmanager-example-alertmanager
25 | - patch: |-
26 | $patch: delete
27 | kind: ClusterRoleBinding
28 | apiVersion: rbac.authorization.k8s.io/v1
29 | metadata:
30 | name: vmagent
31 |
--------------------------------------------------------------------------------
/config/manifests/release-config.yaml:
--------------------------------------------------------------------------------
1 | catalog_templates:
2 | - template_name: v4.12-v4.16.yaml
3 | channels: [beta]
4 | - template_name: v4.17-v4.18.yaml
5 | channels: [beta]
6 |
--------------------------------------------------------------------------------
/config/manifests/scorecard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: scorecard.operatorframework.io/v1alpha3
2 | kind: Configuration
3 | metadata:
4 | name: config
5 | stages:
6 | - parallel: true
7 | tests:
8 | - entrypoint:
9 | - scorecard-test
10 | - basic-check-spec
11 | image: quay.io/operator-framework/scorecard-test:v1.35.0
12 | labels:
13 | suite: basic
14 | test: basic-check-spec-test
15 | storage:
16 | spec:
17 | mountPath: {}
18 | - entrypoint:
19 | - scorecard-test
20 | - olm-bundle-validation
21 | image: quay.io/operator-framework/scorecard-test:v1.35.0
22 | labels:
23 | suite: olm
24 | test: olm-bundle-validation-test
25 | storage:
26 | spec:
27 | mountPath: {}
28 | - entrypoint:
29 | - scorecard-test
30 | - olm-crds-have-validation
31 | image: quay.io/operator-framework/scorecard-test:v1.35.0
32 | labels:
33 | suite: olm
34 | test: olm-crds-have-validation-test
35 | storage:
36 | spec:
37 | mountPath: {}
38 | - entrypoint:
39 | - scorecard-test
40 | - olm-spec-descriptors
41 | image: quay.io/operator-framework/scorecard-test:v1.35.0
42 | labels:
43 | suite: olm
44 | test: olm-spec-descriptors-test
45 | storage:
46 | spec:
47 | mountPath: {}
48 | - entrypoint:
49 | - scorecard-test
50 | - olm-status-descriptors
51 | image: quay.io/operator-framework/scorecard-test:v1.35.0
52 | labels:
53 | suite: olm
54 | test: olm-status-descriptors-test
55 | storage:
56 | spec:
57 | mountPath: {}
58 | storage:
59 | spec:
60 | mountPath: {}
61 |
--------------------------------------------------------------------------------
/config/network-policy/allow-metrics-traffic.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: test
6 | app.kubernetes.io/managed-by: kustomize
7 | name: allow-metrics-traffic
8 | namespace: system
9 | spec:
10 | podSelector:
11 | matchLabels:
12 | control-plane: controller-manager
13 | app.kubernetes.io/name: test
14 | policyTypes:
15 | - Ingress
16 | ingress:
17 | - from:
18 | - namespaceSelector:
19 | matchLabels:
20 | metrics: enabled
21 | ports:
22 | - port: 8443
23 | protocol: TCP
24 |
--------------------------------------------------------------------------------
/config/network-policy/allow-webhook-traffic.yaml:
--------------------------------------------------------------------------------
1 | # This NetworkPolicy allows ingress traffic to your webhook server running
2 | # as part of the controller-manager from specific namespaces and pods. CR(s) which uses webhooks
3 | # will only work when applied in namespaces labeled with 'webhook: enabled'
4 | apiVersion: networking.k8s.io/v1
5 | kind: NetworkPolicy
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: vm-operator
9 | app.kubernetes.io/managed-by: kustomize
10 | name: allow-webhook-traffic
11 | namespace: system
12 | spec:
13 | podSelector:
14 | matchLabels:
15 | control-plane: controller-manager
16 | app.kubernetes.io/name: vm-operator
17 | policyTypes:
18 | - Ingress
19 | ingress:
20 | # This allows ingress traffic from any namespace with the label webhook: enabled
21 | - from:
22 | - namespaceSelector:
23 | matchLabels:
24 | webhook: enabled # Only from namespaces with this label
25 | ports:
26 | - port: 443
27 | protocol: TCP
28 |
--------------------------------------------------------------------------------
/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-webhook-traffic.yaml
3 | - allow-metrics-traffic.yaml
4 |
--------------------------------------------------------------------------------
/config/olm/kind.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kind.x-k8s.io/v1alpha4
2 | kind: Cluster
3 | containerdConfigPatches:
4 | - |-
5 | [plugins."io.containerd.grpc.v1.cri".registry]
6 | config_path = "/etc/containerd/certs.d"
7 |
--------------------------------------------------------------------------------
/config/olm/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - olm.yaml
3 | namespace: vm
4 | replacements:
5 | - source:
6 | fieldPath: .metadata.namespace
7 | group: operators.coreos.com
8 | kind: OperatorGroup
9 | name: operator
10 | version: v1
11 | targets:
12 | - fieldPaths:
13 | - .spec.targetNamespaces.0
14 | options:
15 | create: true
16 | select:
17 | kind: OperatorGroup
18 | - fieldPaths:
19 | - .spec.sourceNamespace
20 | options:
21 | create: true
22 | select:
23 | kind: Subscription
24 | - source:
25 | fieldPath: .metadata.annotations.local-registry
26 | group: operators.coreos.com
27 | kind: OperatorGroup
28 | name: operator
29 | version: v1
30 | targets:
31 | - fieldPaths:
32 | - .data.localRegistryHosting\.v1
33 | options:
34 | create: true
35 | delimiter: '"'
36 | index: 1
37 | select:
38 | kind: ConfigMap
39 | name: local-registry-hosting
40 | namespace: kube-public
41 | version: v1
42 | - fieldPaths:
43 | - .spec.image
44 | options:
45 | create: true
46 | delimiter: /
47 | select:
48 | kind: CatalogSource
49 | - source:
50 | fieldPath: .metadata.annotations.local-test-image
51 | group: operators.coreos.com
52 | kind: CatalogSource
53 | version: v1alpha1
54 | targets:
55 | - fieldPaths:
56 | - .spec.image
57 | options:
58 | create: true
59 | delimiter: /
60 | index: 2
61 | select:
62 | kind: CatalogSource
63 |
--------------------------------------------------------------------------------
/config/olm/olm.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operators.coreos.com/v1
2 | kind: OperatorGroup
3 | metadata:
4 | name: operator
5 | namespace: default
6 | spec:
7 | targetNamespaces:
8 | - default
9 | ---
10 | apiVersion: operators.coreos.com/v1alpha1
11 | kind: CatalogSource
12 | metadata:
13 | name: operator
14 | namespace: default
15 | spec:
16 | sourceType: grpc
17 | image: docker.io/victoriametrics/operator:v0.0.0
18 | ---
19 | apiVersion: operators.coreos.com/v1alpha1
20 | kind: Subscription
21 | metadata:
22 | name: operator
23 | namespace: default
24 | spec:
25 | channel: beta
26 | name: victoriametrics-operator
27 | source: operator
28 | sourceNamespace: default
29 | ---
30 | apiVersion: v1
31 | kind: ConfigMap
32 | metadata:
33 | name: local-registry-hosting
34 | namespace: kube-public
35 | data:
36 | localRegistryHosting.v1: |
37 | host: "localhost:LOCAL_REGISTRY_PORT"
38 | help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
39 |
--------------------------------------------------------------------------------
/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | name: leader-election-role
6 | namespace: vm
7 | rules:
8 | - apiGroups:
9 | - ""
10 | resources:
11 | - configmaps
12 | verbs:
13 | - get
14 | - list
15 | - watch
16 | - create
17 | - update
18 | - patch
19 | - delete
20 | - apiGroups:
21 | - ""
22 | resources:
23 | - configmaps/status
24 | verbs:
25 | - get
26 | - update
27 | - patch
28 | - apiGroups:
29 | - ""
30 | resources:
31 | - events
32 | verbs:
33 | - create
34 | - patch
35 | - apiGroups:
36 | - coordination.k8s.io
37 | verbs:
38 | - create
39 | - get
40 | - update
41 | resources:
42 | - leases
43 |
--------------------------------------------------------------------------------
/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: leader-election-rolebinding
5 | namespace: vm
6 | roleRef:
7 | apiGroup: rbac.authorization.k8s.io
8 | kind: Role
9 | name: leader-election-role
10 | subjects:
11 | - kind: ServiceAccount
12 | name: operator
13 | namespace: vm
14 |
--------------------------------------------------------------------------------
/config/rbac/operator_vlcluster_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vlclusters.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: victoriametrics-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vlcluster-editor-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vlclusters
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vlclusters/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vlcluster_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vlclusters.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: victoriametrics-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vlcluster-viewer-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vlclusters
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vlclusters/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vlogs_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vlogs.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vlogs-editor-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vlogs
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vlogs/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vlogs_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vlogs.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vlogs-viewer-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vlogs
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vlogs/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vlsingle_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vlsingles.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: victoriametrics-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vlsingle-editor-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vlsingles
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vlsingles/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vlsingle_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vlsingles.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: victoriametrics-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vlsingle-viewer-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vlsingles
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vlsingles/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmagent_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmagents.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmagent-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmagents
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmagents/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmagent_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmagents.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmagent-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmagents
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmagents/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmalert_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmalerts.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmalert-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmalerts
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmalerts/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmalert_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmalerts.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmalert-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmalerts
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmalerts/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmalertmanager_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmalertmanagers.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmalertmanager-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmalertmanagers
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmalertmanagers/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmalertmanager_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmalertmanagers.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmalertmanager-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmalertmanagers
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmalertmanagers/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmalertmanagerconfig_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmalertmanagerconfigs.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmalertmanagerconfig-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmalertmanagerconfigs
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vmalertmanagerconfigs/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmalertmanagerconfig_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmalertmanagerconfigs.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmalertmanagerconfig-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmalertmanagerconfigs
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmalertmanagerconfigs/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmauth_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmauths.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmauth-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmauths
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vmauths/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmauth_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmauths.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmauth-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmauths
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmauths/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmcluster_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmclusters.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmcluster-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmclusters
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vmclusters/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmcluster_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmclusters.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmcluster-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmclusters
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmclusters/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmnodescrape_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmnodescrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmnodescrape-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmnodescrapes
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmnodescrapes/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmnodescrape_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmnodescrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmnodescrape-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmnodescrapes
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmnodescrapes/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmpodscrape_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmpodscrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmpodscrape-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmpodscrapes
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmpodscrapes/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmpodscrape_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmpodscrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmpodscrape-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmpodscrapes
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmpodscrapes/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmprobe_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmprobes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmprobe-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmprobes
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmprobes/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmprobe_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmprobes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmprobe-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmprobes
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmprobes/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmrule_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmrules.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmrule-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmrules
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmrules/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmrule_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmrules.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmrule-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmrules
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmrules/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmscrapeconfig_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmscrapeconfigs.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmscrapeconfig-editor-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmscrapeconfigs
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vmscrapeconfigs/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmscrapeconfig_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmscrapeconfigs.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmscrapeconfig-viewer-role
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmscrapeconfigs
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmscrapeconfigs/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmservicescrape_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmservicescrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmservicescrape-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmservicescrapes
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmservicescrapes/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmservicescrape_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmservicescrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmservicescrape-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmservicescrapes
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmservicescrapes/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmsingle_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmsingles.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmsingle-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmsingles
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmsingles/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmsingle_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmsingles.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmsingle-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmsingles
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmsingles/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmstaticscrape_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmstaticscrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmstaticscrape-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmstaticscrapes
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - deletecollection
23 | - apiGroups:
24 | - operator.victoriametrics.com
25 | resources:
26 | - vmstaticscrapes/status
27 | verbs:
28 | - get
29 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmstaticscrape_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmstaticscrapes.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmstaticscrape-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmstaticscrapes
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmstaticscrapes/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmuser_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit vmusers.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmuser-editor
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmusers
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - operator.victoriametrics.com
24 | resources:
25 | - vmusers/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/config/rbac/operator_vmuser_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view vmusers.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: vm-operator
7 | app.kubernetes.io/managed-by: kustomize
8 | name: operator-vmuser-viewer
9 | rules:
10 | - apiGroups:
11 | - operator.victoriametrics.com
12 | resources:
13 | - vmusers
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - operator.victoriametrics.com
20 | resources:
21 | - vmusers/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: operator
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: operator
9 | subjects:
10 | - kind: ServiceAccount
11 | name: operator
12 | namespace: vm
13 |
--------------------------------------------------------------------------------
/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: operator
8 | namespace: vm
9 |
--------------------------------------------------------------------------------
/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## This file is auto-generated, do not modify ##
2 | resources:
3 | - operator_v1beta1_vmagent.yaml
4 | - operator_v1beta1_vmalert.yaml
5 | - operator_v1beta1_vmalertmanager.yaml
6 | - operator_v1beta1_vmpodscrape.yaml
7 | - operator_v1beta1_vmrule.yaml
8 | - operator_v1beta1_vmservicescrape.yaml
9 | - operator_v1beta1_vmsingle.yaml
10 | - operator_v1beta1_vmcluster.yaml
11 | - operator_v1beta1_vmprobe.yaml
12 | - operator_v1beta1_vmnodescrape.yaml
13 | - operator_v1beta1_vmstaticscrape.yaml
14 | - operator_v1beta1_vmuser.yaml
15 | - operator_v1beta1_vmauth.yaml
16 | - operator_v1beta1_vmalertmanagerconfig.yaml
17 |
--------------------------------------------------------------------------------
/config/samples/operator_v1_vlcluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1
2 | kind: VLCluster
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: victoriametrics-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vlcluster-sample
8 | spec:
9 | vlinsert:
10 | replicaCount: 1
11 | vlselect:
12 | replicaCount: 1
13 | vlstorage:
14 | retentionPeriod: "1y"
15 | replicaCount: 2
16 | requestsLoadBalancer:
17 | enabled: true
18 | spec: {}
19 |
--------------------------------------------------------------------------------
/config/samples/operator_v1_vlsingle.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1
2 | kind: VLSingle
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: victoriametrics-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vlsingle-sample
8 | spec:
9 | retentionPeriod: 1y
10 | storage:
11 | resources:
12 | requests:
13 | storage: 50Gi
14 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vlogs.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VLogs
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vlogs-sample
8 | spec:
9 | # TODO(user): Add fields here
10 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmagent.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAgent
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmagent-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmalert.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAlert
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmalert-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmalertmanager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAlertmanager
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmalertmanager-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmalertmanagerconfig.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAlertmanagerConfig
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmalertmanagerconfig-sample
8 | spec:
9 | # Add fields here
10 | route:
11 | receiver: base
12 | group_interval: 1m
13 | receivers:
14 | - name: base
15 | webhook_configs:
16 | - url: http://some-url
17 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmauth.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMAuth
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmauth-sample
8 | spec:
9 | selectAllByDefault: true
10 | replicaCount: 1
11 | resources:
12 | requests:
13 | cpu: "250m"
14 | memory: "350Mi"
15 | limits:
16 | cpu: "500m"
17 | memory: "850Mi"
18 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmcluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMCluster
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmcluster-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmnodescrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMNodeScrape
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmnodescrape-sample
8 | spec:
9 | port: "9100"
10 | scheme: http
11 | jobLabel: beta.kubernetes.io/os
12 | targetLabels: [beta.kubernetes.io/os]
13 | path: /metrics
14 | selector:
15 | matchLabels:
16 | role: node-exporter
17 | interval: "10s"
18 | scrapeTimeout: "2s"
19 | tlsConfig:
20 | insecureSkipVerify: true
21 | caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
22 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
23 | relabelConfigs:
24 | - sourceLabels:
25 | - node
26 | targetLabel: kubernetes_io_node1
27 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmpodscrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMPodScrape
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmpodscrape-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmprobe.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMProbe
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: probe-agent
8 | spec:
9 | jobName: static-probe
10 | vmProberSpec:
11 | # by default scheme http, and path is /probe
12 | url: prometheus-blackbox-exporter.default.svc:9115
13 | module: http_2xx
14 | targets:
15 | staticConfig:
16 | targets:
17 | - vmagent-example-vmagent.default.svc:8429/health
18 | interval: 2s
19 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmrule.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMRule
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmrule-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmscrapeconfig.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMScrapeConfig
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: example-scrape-consul
8 | annotations:
9 | scrape: annotation
10 | spec:
11 | staticConfigs: []
12 | fileSDConfigs: []
13 | httpSDConfigs: []
14 | kubernetesSDConfigs: []
15 | consulSDConfigs:
16 | - server: http://consul.consul.svc:8081
17 | dnsSDConfigs: []
18 | ec2SDConfigs: []
19 | azureSDConfigs: []
20 | gceSDConfigs: []
21 | openstackSDConfigs: []
22 | digitalOceanSDConfigs: []
23 | relabelConfigs: []
24 | metricRelabelConfigs: []
25 | metricsPath: null
26 | scrapeInterval: "10s"
27 | scrapeTimeout: "30s"
28 | seriesLimit: 0
29 | sampleLimit: 0
30 | tlsConfig: null
31 | oauth2: null
32 | authorization: null
33 | basicAuth: null
34 | proxyURL: null
35 | follow_redirects: null
36 | vm_scrape_params: null
37 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmservicescrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMServiceScrape
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmservicescrape-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmsingle.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMSingle
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmsingle-sample
8 | spec:
9 |
10 | # TODO(user): Add fields here
11 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmstaticscrape.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMStaticScrape
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmstaticscrape-sample
8 | spec:
9 | jobName: static
10 | targetEndpoints:
11 | - targets:
12 | - 192.168.0.1:9100
13 | - 196.168.0.50:9100
14 | labels:
15 | env: dev
16 | project: vm-operator
17 | relabelConfigs:
18 | - target_label: namespace
19 | replacement: default
20 | - targets:
21 | - secure-target-1:6443
22 | labels:
23 | env: secure
24 | scheme: https
25 | tlsConfig:
26 | insecureSkipVerify: true
27 | caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
28 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
29 | - targets:
30 | - basic-auth:8080
31 | params:
32 | select: [param1]
33 | interval: 10s
34 | scrapeTimeout: 20s
35 | basicAuth:
36 | username:
37 | name: bau-secret
38 | key: user
39 | password:
40 | name: bau-secret
41 | key: password
42 |
--------------------------------------------------------------------------------
/config/samples/operator_v1beta1_vmuser.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: operator.victoriametrics.com/v1beta1
2 | kind: VMUser
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: vm-operator
6 | app.kubernetes.io/managed-by: kustomize
7 | name: vmuser-sample
8 | spec:
9 | username: simple-user
10 | password: simple-password
11 | targetRefs:
12 | - static:
13 | url: http://vmsingle-sample.default.svc:8429
14 | paths: ["/"]
15 | - static:
16 | url: http://vmagent-sample.default.svc:8429
17 | paths: ["/targets", "/api/v1/targets", "/api/v1/write"]
18 |
--------------------------------------------------------------------------------
/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting vars.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 | namespace:
14 | - kind: MutatingWebhookConfiguration
15 | group: admissionregistration.k8s.io
16 | path: webhooks/clientConfig/service/namespace
17 | create: false
18 | - kind: ValidatingWebhookConfiguration
19 | group: admissionregistration.k8s.io
20 | path: webhooks/clientConfig/service/namespace
21 | create: true
22 | varReference:
23 | - path: metadata/annotations
24 |
--------------------------------------------------------------------------------
/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: webhook-service
5 | namespace: vm
6 | spec:
7 | ports:
8 | - port: 443
9 | targetPort: 9443
10 | selector:
11 | app.kubernetes.io/instance: default
12 | app.kubernetes.io/name: victoria-metrics-operator
13 |
--------------------------------------------------------------------------------
/docs/Makefile:
--------------------------------------------------------------------------------
1 | UID := "$(shell id -u)"
2 | PLATFORM := $(shell uname -m)
3 | DOCKER_PLATFORM := "linux/$(if $(findstring $(PLATFORM),arm64),arm64,amd64)"
4 |
5 | REPODIR := $(dir $(realpath $(lastword $(MAKEFILE_LIST))))
6 | WORKDIR := $(REPODIR)/..
7 |
8 | CONTAINER_TOOL ?= docker
9 |
10 | # These commands must be run from the repository root
11 |
12 |
13 | docs-image:
14 | if [ ! -d $(WORKDIR)/vmdocs ]; then \
15 | git clone --depth 1 git@github.com:VictoriaMetrics/vmdocs $(WORKDIR)/vmdocs; \
16 | fi; \
17 | cd $(WORKDIR)/vmdocs && \
18 | git checkout main && \
19 | git pull origin main && \
20 | cd .. && \
21 | docker build \
22 | -t vmdocs-docker-package \
23 | --build-arg UID=$(UID) \
24 | --platform $(DOCKER_PLATFORM) \
25 | vmdocs
26 |
27 | docs-debug: docs docs-image
28 | $(CONTAINER_TOOL) run \
29 | --rm \
30 | --name vmdocs \
31 | -p 1313:1313 \
32 | -v ./docs:/opt/docs/content/operator vmdocs-docker-package
33 |
34 | docs-images-to-webp: docs-image
35 | $(CONTAINER_TOOL) run \
36 | --rm \
37 | --platform $(DOCKER_PLATFORM) \
38 | --entrypoint /usr/bin/find \
39 | --name vmdocs \
40 | -v ./docs:/opt/docs/content/operator vmdocs-docker-package \
41 | content/operator \
42 | -regex ".*\.\(png\|jpg\|jpeg\)" \
43 | -exec sh -c 'cwebp -preset drawing -m 6 -o $$(echo {} | cut -f-1 -d.).webp {} && rm -rf {}' {} \;
44 |
--------------------------------------------------------------------------------
/docs/README_operator-workflow.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/README_operator-workflow.webp
--------------------------------------------------------------------------------
/docs/_index.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 0
3 | title: Kubernetes Operator
4 | menu:
5 | docs:
6 | weight: 30
7 | identifier: operator
8 | pageRef: /operator/
9 | aliases:
10 | - /operator/
11 | - /operator/index.html
12 | tags:
13 | - kubernetes
14 | - logs
15 | - metrics
16 | ---
17 | {{% content "README.md" %}}
18 |
--------------------------------------------------------------------------------
/docs/config.yaml:
--------------------------------------------------------------------------------
1 | render:
2 | kubernetesVersion: '1.30'
3 |
4 | processor:
5 | ignoreTypes:
6 | - ".*List$"
7 | ignoreFields:
8 | - "status$"
9 | - "TypeMeta$"
10 |
11 | customMarkers:
12 | - name: optional
13 | target: field
14 |
--------------------------------------------------------------------------------
/docs/integrations/_index.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 0
3 | title: Integrations
4 | menu:
5 | docs:
6 | identifier: operator-integrations
7 | parent: operator
8 | weight: 15
9 | ---
10 |
11 | Comprehensive Kubernetes guides for deploying and using VictoriaMetrics alongside [Grafana](https://grafana.com/) and [Istio](https://istio.io/).
12 | How to migrate from [Prometheus](https://prometheus.io/) to VictoriaMetrics.
13 |
14 | * [Prometheus](https://docs.victoriametrics.com/operator/integrations/prometheus/).
15 | * [Grafana](https://docs.victoriametrics.com/operator/integrations/grafana).
16 | * [Istio](https://docs.victoriametrics.com/operator/integrations/istio).
17 |
18 | If you think the community would benefit from new integrations or detailed guides, please submit [a feature request on GitHub](https://github.com/VictoriaMetrics/operator/issues).
19 |
--------------------------------------------------------------------------------
/docs/integrations/grafana.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 1
3 | title: Grafana
4 | menu:
5 | docs:
6 | parent: operator-integrations
7 | weight: 1
8 | ---
9 |
10 | Content coming soon.
11 |
12 | This chapter will explain how to integrate Grafana with the VictoriaMetrics Operator. It will guide you through:
13 | - Installing the VictoriaMetrics data source for Grafana
14 | - Setting up official VictoriaMetrics dashboards
15 | - Connecting Grafana to the operator-managed storage
16 | - Visualizing metrics and configuring alerting with the operator’s ecosystem
17 |
18 |
--------------------------------------------------------------------------------
/docs/logo.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/logo.webp
--------------------------------------------------------------------------------
/docs/logo_white.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/logo_white.webp
--------------------------------------------------------------------------------
/docs/migration_prometheus-conversion.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/migration_prometheus-conversion.webp
--------------------------------------------------------------------------------
/docs/monitoring_operator-dashboard.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/monitoring_operator-dashboard.webp
--------------------------------------------------------------------------------
/docs/resources/README_cr-relations.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/resources/README_cr-relations.webp
--------------------------------------------------------------------------------
/docs/resources/_index.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 14
3 | title: Custom resources
4 | menu:
5 | docs:
6 | identifier: operator-cr
7 | parent: operator
8 | weight: 14
9 | aliases:
10 | - /operator/resources/
11 | - /operator/resources/index.html
12 | tags:
13 | - kubernetes
14 | - logs
15 | - metrics
16 | ---
17 | {{% content "README.md" %}}
18 |
--------------------------------------------------------------------------------
/docs/resources/vmcluster_default_balancer.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/resources/vmcluster_default_balancer.webp
--------------------------------------------------------------------------------
/docs/resources/vmcluster_with_balancer.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/docs/resources/vmcluster_with_balancer.webp
--------------------------------------------------------------------------------
/docs/resources/vmscrapeconfig.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 11
3 | title: VMScrapeConfig
4 | menu:
5 | docs:
6 | identifier: operator-cr-vmscrapeconfig
7 | parent: operator-cr
8 | weight: 11
9 | aliases:
10 | - /operator/resources/vmscrapeconfig/
11 | - /operator/resources/vmscrapeconfig/index.html
12 | tags:
13 | - kubernetes
14 | - metrics
15 | ---
16 | The `VMScrapeConfig` CRD allows to define a scrape config using [any of the service discovery options supported in victoriametrics](https://docs.victoriametrics.com/sd_configs).
17 |
18 | `VMScrapeConfig` object generates part of [VMAgent](https://docs.victoriametrics.com/vmagent) configuration with Prometheus-compatible scrape targets.
19 |
20 | ## Specification
21 |
22 | You can see the full actual specification of the `VMScrapeConfig` resource in
23 | the **[API docs -> VMScrapeConfig](https://docs.victoriametrics.com/operator/api#vmscrapeconfig)**.
24 |
25 | Also, you can check out the [examples](#examples) section.
26 |
27 | ## Migration from Prometheus
28 |
29 | The `VMScrapeConfig` CRD from VictoriaMetrics Operator is a drop-in replacement
30 | for the Prometheus `ScrapeConfig` from prometheus-operator.
31 |
32 | More details about migration from prometheus-operator you can read in [this doc](https://docs.victoriametrics.com/operator/migration).
33 |
34 | ## Examples
35 |
36 | ```yaml
37 | apiVersion: operator.victoriametrics.com/v1beta1
38 | kind: VMScrapeConfig
39 | metadata:
40 | name: mongodb
41 | spec:
42 | consulSDConfigs:
43 | - server: https://consul-dns:8500
44 | services:
45 | - mongodb
46 | relabelConfigs:
47 | - action: replace
48 | sourceLabels:
49 | - __meta_consul_service
50 | targetLabel: job
51 | ```
52 |
--------------------------------------------------------------------------------
/docs/resources/vmstaticscrape.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 14
3 | title: VMStaticScrape
4 | menu:
5 | docs:
6 | identifier: operator-cr-vmstaticscrape
7 | parent: operator-cr
8 | weight: 14
9 | aliases:
10 | - /operator/resources/vmstaticscrape/
11 | - /operator/resources/vmstaticscrape/index.html
12 | tags:
13 | - kubernetes
14 | - metrics
15 | ---
16 | The `VMStaticScrape` CRD provides mechanism for scraping metrics from static targets, configured by CRD targets.
17 |
18 | `VMStaticScrape` object generates part of [VMAgent](https://docs.victoriametrics.com/operator/resources/vmagent)
19 | configuration with [static "service discovery"](https://docs.victoriametrics.com/sd_configs#static_configs).
20 | It has various options for scraping configuration of target (with basic auth,tls access, by specific port name etc.).
21 |
22 | By specifying configuration at CRD, operator generates config
23 | for [VMAgent](https://docs.victoriametrics.com/operator/resources/vmagent) and syncs it.
24 | It's useful for external targets management, when service-discovery is not available.
25 | `VMAgent` `staticScrapeSelector` must match `VMStaticScrape` labels.
26 |
27 | More information about selectors you can find in [this doc](https://docs.victoriametrics.com/operator/resources/vmagent#scraping).
28 |
29 | ## Specification
30 |
31 | You can see the full actual specification of the `VMStaticScrape` resource in
32 | the **[API docs -> VMStaticScrape](https://docs.victoriametrics.com/operator/api#vmstaticscrape)**.
33 |
34 | Also, you can check out the [examples](#examples) section.
35 |
36 | ## Examples
37 |
38 | ```yaml
39 | apiVersion: operator.victoriametrics.com/v1beta1
40 | kind: VMStaticScrape
41 | metadata:
42 | name: vmstaticscrape-sample
43 | spec:
44 | jobName: static
45 | targetEndpoints:
46 | - targets: ["192.168.0.1:9100", "196.168.0.50:9100"]
47 | labels:
48 | env: dev
49 | project: operator
50 | ```
51 |
--------------------------------------------------------------------------------
/docs/templates/api/details.tpl:
--------------------------------------------------------------------------------
1 | {{- define "gvDetails" -}}
2 | {{- $gv := . -}}
3 |
4 | ## {{ $gv.GroupVersionString }}
5 |
6 | {{ $gv.Doc }}
7 |
8 | {{- if $gv.Kinds }}
9 | ### Resource Types
10 | {{- range $gv.SortedKinds }}
11 | - {{ $gv.TypeForKind . | markdownRenderTypeLink }}
12 | {{- end }}
13 | {{ end }}
14 |
15 | {{ range $gv.SortedTypes }}
16 | {{ template "type" . }}
17 | {{ end }}
18 |
19 | {{- end -}}
20 |
--------------------------------------------------------------------------------
/docs/templates/api/list.tpl:
--------------------------------------------------------------------------------
1 | {{- define "gvList" -}}
2 | {{- $groupVersions := . -}}
3 | ---
4 | weight: 12
5 | title: API Docs
6 | menu:
7 | docs:
8 | parent: operator
9 | weight: 12
10 | aliases:
11 | - /operator/api/
12 | - /operator/api/index.html
13 | - /operator/api.html
14 | tags:
15 | - kubernetes
16 | - logs
17 | - metrics
18 | ---
19 |
20 |
21 | ## Packages
22 | {{- range $groupVersions }}
23 | - {{ markdownRenderGVLink . }}
24 | {{- end }}
25 |
26 | {{ range $groupVersions }}
27 | {{ template "gvDetails" . }}
28 | {{ end }}
29 |
30 | {{- end -}}
31 |
--------------------------------------------------------------------------------
/docs/templates/api/members.tpl:
--------------------------------------------------------------------------------
1 | {{- define "type_members" -}}
2 | {{- $field := . -}}
3 | {{- if eq $field.Name "metadata" -}}
4 | Refer to Kubernetes API documentation for fields of `metadata`.
5 | {{- else -}}
6 | {{ markdownRenderFieldDoc $field.Doc }}
7 | {{- end -}}
8 | {{- end -}}
9 |
--------------------------------------------------------------------------------
/docs/templates/api/type.tpl:
--------------------------------------------------------------------------------
1 | {{- define "type" -}}
2 | {{- $type := . -}}
3 | {{- if markdownShouldRenderType $type -}}
4 |
5 | #### {{ $type.Name }}
6 |
7 | {{ if $type.IsAlias }}_Underlying type:_ _{{ markdownRenderTypeLink $type.UnderlyingType }}_{{ end }}
8 |
9 | {{ $type.Doc }}
10 |
11 | {{ if $type.Validation -}}
12 | _Validation:_
13 | {{- range $type.Validation }}
14 | - {{ . }}
15 | {{- end }}
16 | {{- end }}
17 |
18 | {{- if $type.References -}}
19 | Appears in: {{ range $i, $ref := $type.SortedReferences }}{{ if $i }}, {{ end }}{{ markdownRenderTypeLink $ref }}{{- end }}
20 | {{- end }}
21 |
22 | {{ if $type.Members -}}
23 | | Field | Description |
24 | | --- | --- |
25 | {{ if $type.GVK -}}
26 | | apiVersion
_string_ | (Required)
`{{ $type.GVK.Group }}/{{ $type.GVK.Version }}` |
27 | | kind
_string_ | (Required)
`{{ $type.GVK.Kind }}` |
28 | {{ end -}}
29 | {{- $members := default dict -}}
30 | {{- range $member := $type.Members -}}
31 | {{- $_ := set $members $member.Name $member }}
32 | {{- end -}}
33 | {{- $memberKeys := (keys $members | sortAlpha) -}}
34 | {{ range $memberKeys -}}
35 | {{- $member := index $members . -}}
36 | {{- $id := lower (printf "%s-%s" $type.Name $member.Name) -}}
37 | | {{ $member.Name }}#
_{{ markdownRenderType $member.Type }}_ | {{ if $member.Markers.optional }}_(Optional)_
{{else}}_(Required)_
{{ end }}{{ template "type_members" $member }} |
38 | {{ end -}}
39 |
40 | {{- end -}}
41 | {{- end -}}
42 | {{- end -}}
43 |
--------------------------------------------------------------------------------
/docs/vars.md:
--------------------------------------------------------------------------------
1 | ---
2 | weight: 11
3 | title: Variables
4 | menu: false
5 | aliases:
6 | - /operator/vars/
7 | - /operator/vars/index.html
8 | - /operator/vars.html
9 | ---
10 |
11 | The page is deprecated. The content has been moved to [operator/configuration/#environment-variables](https://docs.victoriametrics.com/operator/configuration/#environment-variables).
12 |
--------------------------------------------------------------------------------
/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 |
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/internal/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictoriaMetrics/operator/61a2bd7b15daf87ccfaca9378dd04a865acb81bb/internal/.DS_Store
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/build.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | import (
4 | "fmt"
5 |
6 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
7 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
8 | "sigs.k8s.io/controller-runtime/pkg/client"
9 | )
10 |
11 | // MustSkipRuntimeValidation defines whether runtime object validation must be skipped
12 | // the most usual case for it, if webhook validation is configured
13 | var MustSkipRuntimeValidation bool
14 |
15 | // SetSkipRuntimeValidation configures MustSkipRuntimeValidation param
16 | func SetSkipRuntimeValidation(mustSkip bool) {
17 | MustSkipRuntimeValidation = mustSkip
18 | }
19 |
20 | type builderOpts interface {
21 | client.Object
22 | PrefixedName() string
23 | AnnotationsFiltered() map[string]string
24 | AllLabels() map[string]string
25 | SelectorLabels() map[string]string
26 | AsOwner() []metav1.OwnerReference
27 | GetNamespace() string
28 | GetAdditionalService() *vmv1beta1.AdditionalServiceSpec
29 | }
30 |
31 | // PodDNSAddress formats pod dns address with optional domain name
32 | func PodDNSAddress(baseName string, podIndex int32, namespace string, portName string, domain string) string {
33 | // The default DNS search path is .svc.
34 | if domain == "" {
35 | return fmt.Sprintf("%s-%d.%s.%s:%s,", baseName, podIndex, baseName, namespace, portName)
36 | }
37 | return fmt.Sprintf("%s-%d.%s.%s.svc.%s:%s,", baseName, podIndex, baseName, namespace, domain, portName)
38 | }
39 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/daemonset.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | import (
4 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
5 |
6 | appsv1 "k8s.io/api/apps/v1"
7 | "k8s.io/utils/ptr"
8 | )
9 |
10 | // DeploymentAddCommonParams adds common params for all deployments
11 | func DaemonSetAddCommonParams(dst *appsv1.DaemonSet, useStrictSecurity bool, params *vmv1beta1.CommonApplicationDeploymentParams) {
12 | dst.Spec.Template.Spec.Affinity = params.Affinity
13 | dst.Spec.Template.Spec.Tolerations = params.Tolerations
14 | dst.Spec.Template.Spec.SchedulerName = params.SchedulerName
15 | dst.Spec.Template.Spec.RuntimeClassName = params.RuntimeClassName
16 | dst.Spec.Template.Spec.HostAliases = params.HostAliases
17 | if len(params.HostAliasesUnderScore) > 0 {
18 | dst.Spec.Template.Spec.HostAliases = params.HostAliasesUnderScore
19 | }
20 | dst.Spec.Template.Spec.PriorityClassName = params.PriorityClassName
21 | dst.Spec.Template.Spec.HostNetwork = params.HostNetwork
22 | dst.Spec.Template.Spec.DNSPolicy = params.DNSPolicy
23 | dst.Spec.Template.Spec.DNSConfig = params.DNSConfig
24 | dst.Spec.Template.Spec.NodeSelector = params.NodeSelector
25 | dst.Spec.Template.Spec.SecurityContext = AddStrictSecuritySettingsToPod(params.SecurityContext, useStrictSecurity)
26 | dst.Spec.Template.Spec.TerminationGracePeriodSeconds = params.TerminationGracePeriodSeconds
27 | dst.Spec.Template.Spec.TopologySpreadConstraints = params.TopologySpreadConstraints
28 | dst.Spec.Template.Spec.ImagePullSecrets = params.ImagePullSecrets
29 | dst.Spec.Template.Spec.TerminationGracePeriodSeconds = params.TerminationGracePeriodSeconds
30 | dst.Spec.Template.Spec.ReadinessGates = params.ReadinessGates
31 | dst.Spec.MinReadySeconds = params.MinReadySeconds
32 | dst.Spec.RevisionHistoryLimit = params.RevisionHistoryLimitCount
33 | if params.DisableAutomountServiceAccountToken {
34 | dst.Spec.Template.Spec.AutomountServiceAccountToken = ptr.To(false)
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/deployment.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | import (
4 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
5 |
6 | appsv1 "k8s.io/api/apps/v1"
7 | "k8s.io/utils/ptr"
8 | )
9 |
10 | // DeploymentAddCommonParams adds common params for all deployments
11 | func DeploymentAddCommonParams(dst *appsv1.Deployment, useStrictSecurity bool, params *vmv1beta1.CommonApplicationDeploymentParams) {
12 | dst.Spec.Template.Spec.Affinity = params.Affinity
13 | dst.Spec.Template.Spec.Tolerations = params.Tolerations
14 | dst.Spec.Template.Spec.SchedulerName = params.SchedulerName
15 | dst.Spec.Template.Spec.RuntimeClassName = params.RuntimeClassName
16 | dst.Spec.Template.Spec.HostAliases = params.HostAliases
17 | if len(params.HostAliasesUnderScore) > 0 {
18 | dst.Spec.Template.Spec.HostAliases = params.HostAliasesUnderScore
19 | }
20 | dst.Spec.Template.Spec.PriorityClassName = params.PriorityClassName
21 | dst.Spec.Template.Spec.HostNetwork = params.HostNetwork
22 | dst.Spec.Template.Spec.DNSPolicy = params.DNSPolicy
23 | dst.Spec.Template.Spec.DNSConfig = params.DNSConfig
24 | dst.Spec.Template.Spec.NodeSelector = params.NodeSelector
25 | dst.Spec.Template.Spec.SecurityContext = AddStrictSecuritySettingsToPod(params.SecurityContext, useStrictSecurity)
26 | dst.Spec.Template.Spec.TerminationGracePeriodSeconds = params.TerminationGracePeriodSeconds
27 | dst.Spec.Template.Spec.TopologySpreadConstraints = params.TopologySpreadConstraints
28 | dst.Spec.Template.Spec.ImagePullSecrets = params.ImagePullSecrets
29 | dst.Spec.Template.Spec.TerminationGracePeriodSeconds = params.TerminationGracePeriodSeconds
30 | dst.Spec.Template.Spec.ReadinessGates = params.ReadinessGates
31 | dst.Spec.MinReadySeconds = params.MinReadySeconds
32 | dst.Spec.Replicas = params.ReplicaCount
33 | dst.Spec.RevisionHistoryLimit = params.RevisionHistoryLimitCount
34 | if params.DisableAutomountServiceAccountToken {
35 | dst.Spec.Template.Spec.AutomountServiceAccountToken = ptr.To(false)
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/hpa.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | import (
4 | autoscalingv2 "k8s.io/api/autoscaling/v2"
5 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
6 |
7 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
8 | )
9 |
10 | // HPA creates HorizontalPodAutoscaler object
11 | func HPA(opts builderOpts, targetRef autoscalingv2.CrossVersionObjectReference, spec *vmv1beta1.EmbeddedHPA) *autoscalingv2.HorizontalPodAutoscaler {
12 | return &autoscalingv2.HorizontalPodAutoscaler{
13 | ObjectMeta: metav1.ObjectMeta{
14 | Name: targetRef.Name,
15 | Namespace: opts.GetNamespace(),
16 | Annotations: opts.AnnotationsFiltered(),
17 | Labels: opts.AllLabels(),
18 | OwnerReferences: opts.AsOwner(),
19 | },
20 | Spec: autoscalingv2.HorizontalPodAutoscalerSpec{
21 | MaxReplicas: spec.MaxReplicas,
22 | MinReplicas: spec.MinReplicas,
23 | ScaleTargetRef: targetRef,
24 | Metrics: spec.Metrics,
25 | Behavior: spec.Behaviour,
26 | },
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/hpa_test.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | // TODO create test for HPA
4 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/pdb.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | import (
4 | policyv1 "k8s.io/api/policy/v1"
5 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
6 |
7 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
8 | )
9 |
10 | // PodDisruptionBudget creates object for given CRD
11 | func PodDisruptionBudget(cr builderOpts, spec *vmv1beta1.EmbeddedPodDisruptionBudgetSpec) *policyv1.PodDisruptionBudget {
12 | return &policyv1.PodDisruptionBudget{
13 | ObjectMeta: metav1.ObjectMeta{
14 | Name: cr.PrefixedName(),
15 | Annotations: cr.AnnotationsFiltered(),
16 | Labels: cr.AllLabels(),
17 | OwnerReferences: cr.AsOwner(),
18 | Namespace: cr.GetNamespace(),
19 | },
20 | Spec: policyv1.PodDisruptionBudgetSpec{
21 | MinAvailable: spec.MinAvailable,
22 | MaxUnavailable: spec.MaxUnavailable,
23 | Selector: &metav1.LabelSelector{
24 | MatchLabels: spec.SelectorLabelsWithDefaults(cr.SelectorLabels()),
25 | },
26 | },
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/pdb_test.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | // TODO create test for pdb
4 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/service_account_test.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | // TODO create test for ServiceAccount
4 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/build/statefulset.go:
--------------------------------------------------------------------------------
1 | package build
2 |
3 | import (
4 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
5 |
6 | appsv1 "k8s.io/api/apps/v1"
7 | "k8s.io/utils/ptr"
8 | )
9 |
10 | // StatefulSetAddCommonParams adds common params to given statefulset
11 | func StatefulSetAddCommonParams(dst *appsv1.StatefulSet, useStrictSecurity bool, params *vmv1beta1.CommonApplicationDeploymentParams) {
12 | dst.Spec.Template.Spec.Affinity = params.Affinity
13 | dst.Spec.Template.Spec.Tolerations = params.Tolerations
14 | dst.Spec.Template.Spec.SchedulerName = params.SchedulerName
15 | dst.Spec.Template.Spec.RuntimeClassName = params.RuntimeClassName
16 | dst.Spec.Template.Spec.HostAliases = params.HostAliases
17 | if len(params.HostAliasesUnderScore) > 0 {
18 | dst.Spec.Template.Spec.HostAliases = params.HostAliasesUnderScore
19 | }
20 | dst.Spec.Template.Spec.PriorityClassName = params.PriorityClassName
21 | dst.Spec.Template.Spec.HostNetwork = params.HostNetwork
22 | dst.Spec.Template.Spec.DNSPolicy = params.DNSPolicy
23 | dst.Spec.Template.Spec.DNSConfig = params.DNSConfig
24 | dst.Spec.Template.Spec.NodeSelector = params.NodeSelector
25 | dst.Spec.Template.Spec.SecurityContext = AddStrictSecuritySettingsToPod(params.SecurityContext, useStrictSecurity)
26 | dst.Spec.Template.Spec.TerminationGracePeriodSeconds = params.TerminationGracePeriodSeconds
27 | dst.Spec.Template.Spec.TopologySpreadConstraints = params.TopologySpreadConstraints
28 | dst.Spec.Template.Spec.ImagePullSecrets = params.ImagePullSecrets
29 | dst.Spec.Template.Spec.TerminationGracePeriodSeconds = params.TerminationGracePeriodSeconds
30 | dst.Spec.Template.Spec.ReadinessGates = params.ReadinessGates
31 | dst.Spec.MinReadySeconds = params.MinReadySeconds
32 | dst.Spec.Replicas = params.ReplicaCount
33 | dst.Spec.RevisionHistoryLimit = params.RevisionHistoryLimitCount
34 | if params.DisableAutomountServiceAccountToken {
35 | dst.Spec.Template.Spec.AutomountServiceAccountToken = ptr.To(false)
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/finalize/vlogs.go:
--------------------------------------------------------------------------------
1 | package finalize
2 |
3 | import (
4 | "context"
5 |
6 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
7 | appsv1 "k8s.io/api/apps/v1"
8 | corev1 "k8s.io/api/core/v1"
9 | "sigs.k8s.io/controller-runtime/pkg/client"
10 | )
11 |
12 | // OnVLogsDelete deletes all vlogs related resources
13 | func OnVLogsDelete(ctx context.Context, rclient client.Client, crd *vmv1beta1.VLogs) error {
14 | // check deployment
15 | if err := removeFinalizeObjByName(ctx, rclient, &appsv1.Deployment{}, crd.PrefixedName(), crd.Namespace); err != nil {
16 | return err
17 | }
18 | // check service
19 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.PrefixedName(), crd.Namespace); err != nil {
20 | return err
21 | }
22 | if crd.Spec.Storage != nil {
23 | if err := removeFinalizeObjByNameWithOwnerReference(ctx, rclient, &corev1.PersistentVolumeClaim{}, crd.PrefixedName(), crd.Namespace, crd.Spec.RemovePvcAfterDelete); err != nil {
24 | return err
25 | }
26 | }
27 | if crd.Spec.ServiceSpec != nil {
28 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.Spec.ServiceSpec.NameOrDefault(crd.PrefixedName()), crd.Namespace); err != nil {
29 | return err
30 | }
31 | }
32 | if err := deleteSA(ctx, rclient, crd); err != nil {
33 | return err
34 | }
35 |
36 | return removeFinalizeObjByName(ctx, rclient, crd, crd.Name, crd.Namespace)
37 | }
38 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/finalize/vlsingle.go:
--------------------------------------------------------------------------------
1 | package finalize
2 |
3 | import (
4 | "context"
5 |
6 | vmv1 "github.com/VictoriaMetrics/operator/api/operator/v1"
7 | appsv1 "k8s.io/api/apps/v1"
8 | corev1 "k8s.io/api/core/v1"
9 | "sigs.k8s.io/controller-runtime/pkg/client"
10 | )
11 |
12 | // OnVLSingleDelete deletes all vlogs related resources
13 | func OnVLSingleDelete(ctx context.Context, rclient client.Client, crd *vmv1.VLSingle) error {
14 | // check deployment
15 | if err := removeFinalizeObjByName(ctx, rclient, &appsv1.Deployment{}, crd.PrefixedName(), crd.Namespace); err != nil {
16 | return err
17 | }
18 | // check service
19 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.PrefixedName(), crd.Namespace); err != nil {
20 | return err
21 | }
22 | if crd.Spec.Storage != nil {
23 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.PersistentVolumeClaim{}, crd.PrefixedName(), crd.Namespace); err != nil {
24 | return err
25 | }
26 | }
27 | if crd.Spec.ServiceSpec != nil {
28 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.Spec.ServiceSpec.NameOrDefault(crd.PrefixedName()), crd.Namespace); err != nil {
29 | return err
30 | }
31 | }
32 | if err := deleteSA(ctx, rclient, crd); err != nil {
33 | return err
34 | }
35 |
36 | return removeFinalizeObjByName(ctx, rclient, crd, crd.Name, crd.Namespace)
37 | }
38 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/finalize/vmalertmanager.go:
--------------------------------------------------------------------------------
1 | package finalize
2 |
3 | import (
4 | "context"
5 |
6 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
7 | appsv1 "k8s.io/api/apps/v1"
8 | corev1 "k8s.io/api/core/v1"
9 | "sigs.k8s.io/controller-runtime/pkg/client"
10 | )
11 |
12 | // OnVMAlertManagerDelete deletes all alertmanager related resources
13 | func OnVMAlertManagerDelete(ctx context.Context, rclient client.Client, crd *vmv1beta1.VMAlertmanager) error {
14 | // check deployment
15 | if err := removeFinalizeObjByName(ctx, rclient, &appsv1.StatefulSet{}, crd.PrefixedName(), crd.Namespace); err != nil {
16 | return err
17 | }
18 | // check service
19 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.PrefixedName(), crd.Namespace); err != nil {
20 | return err
21 | }
22 | if crd.Spec.ServiceSpec != nil {
23 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.Spec.ServiceSpec.NameOrDefault(crd.PrefixedName()), crd.Namespace); err != nil {
24 | return err
25 | }
26 | }
27 |
28 | // check config secret finalizer.
29 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Secret{}, crd.ConfigSecretName(), crd.Namespace); err != nil {
30 | return err
31 | }
32 | if len(crd.Spec.ConfigSecret) > 0 {
33 | // execute it for backward-compatibility
34 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Secret{}, crd.Spec.ConfigSecret, crd.Namespace); err != nil {
35 | return err
36 | }
37 | }
38 |
39 | // check PDB
40 | if crd.Spec.PodDisruptionBudget != nil {
41 | if err := finalizePBD(ctx, rclient, crd); err != nil {
42 | return err
43 | }
44 | }
45 |
46 | if err := deleteSA(ctx, rclient, crd); err != nil {
47 | return err
48 | }
49 | if err := removeConfigReloaderRole(ctx, rclient, crd); err != nil {
50 | return err
51 | }
52 |
53 | return removeFinalizeObjByName(ctx, rclient, crd, crd.Name, crd.Namespace)
54 | }
55 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/finalize/vmsingle.go:
--------------------------------------------------------------------------------
1 | package finalize
2 |
3 | import (
4 | "context"
5 |
6 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
7 | appsv1 "k8s.io/api/apps/v1"
8 | corev1 "k8s.io/api/core/v1"
9 | "sigs.k8s.io/controller-runtime/pkg/client"
10 | )
11 |
12 | // OnVMSingleDelete deletes all vmsingle related resources
13 | func OnVMSingleDelete(ctx context.Context, rclient client.Client, crd *vmv1beta1.VMSingle) error {
14 | // check deployment
15 | if err := removeFinalizeObjByName(ctx, rclient, &appsv1.Deployment{}, crd.PrefixedName(), crd.Namespace); err != nil {
16 | return err
17 | }
18 | // check service
19 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.PrefixedName(), crd.Namespace); err != nil {
20 | return err
21 | }
22 | if crd.Spec.Storage != nil {
23 | if err := removeFinalizeObjByNameWithOwnerReference(ctx, rclient, &corev1.PersistentVolumeClaim{}, crd.PrefixedName(), crd.Namespace, crd.Spec.RemovePvcAfterDelete); err != nil {
24 | return err
25 | }
26 | }
27 | if crd.Spec.ServiceSpec != nil {
28 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Service{}, crd.Spec.ServiceSpec.NameOrDefault(crd.PrefixedName()), crd.Namespace); err != nil {
29 | return err
30 | }
31 | }
32 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.ConfigMap{}, crd.StreamAggrConfigName(), crd.Namespace); err != nil {
33 | return err
34 | }
35 | if err := deleteSA(ctx, rclient, crd); err != nil {
36 | return err
37 | }
38 |
39 | return removeFinalizeObjByName(ctx, rclient, crd, crd.Name, crd.Namespace)
40 | }
41 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/finalize/vmuser.go:
--------------------------------------------------------------------------------
1 | package finalize
2 |
3 | import (
4 | "context"
5 |
6 | "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
7 | corev1 "k8s.io/api/core/v1"
8 | "sigs.k8s.io/controller-runtime/pkg/client"
9 | )
10 |
11 | // OnVMUserDelete deletes all vmuser related resources
12 | func OnVMUserDelete(ctx context.Context, rclient client.Client, crd *v1beta1.VMUser) error {
13 | if err := removeFinalizeObjByName(ctx, rclient, &corev1.Secret{}, crd.SecretName(), crd.Namespace); err != nil {
14 | return err
15 | }
16 |
17 | if err := removeFinalizeObjByName(ctx, rclient, crd, crd.Name, crd.Namespace); err != nil {
18 | return err
19 | }
20 | return nil
21 | }
22 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/k8stools/placeholders.go:
--------------------------------------------------------------------------------
1 | package k8stools
2 |
3 | import (
4 | "encoding/json"
5 | "fmt"
6 | "strings"
7 | )
8 |
9 | // RenderPlaceholders replaces placeholders at resource with given values
10 | // placeholder must be in %NAME% format
11 | // resource must be reference to json serializable struct
12 | func RenderPlaceholders[T any](resource *T, placeholders map[string]string) (*T, error) {
13 | if resource == nil || len(placeholders) == 0 {
14 | return resource, nil
15 | }
16 |
17 | data, err := json.Marshal(resource)
18 | if err != nil {
19 | return nil, fmt.Errorf("failed to marshal resource for filling placeholders: %w", err)
20 | }
21 |
22 | strData := string(data)
23 | for p, value := range placeholders {
24 | if !strings.HasPrefix(p, "%") || !strings.HasSuffix(p, "%") {
25 | return nil, fmt.Errorf("incorrect placeholder name format: '%v', placeholder must be in '%%NAME%%' format", p)
26 | }
27 | strData = strings.ReplaceAll(strData, p, value)
28 | }
29 |
30 | var result *T
31 | err = json.Unmarshal([]byte(strData), &result)
32 | if err != nil {
33 | return nil, fmt.Errorf("failed to unmarshal resource after filling placeholders: %w", err)
34 | }
35 |
36 | return result, nil
37 | }
38 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/k8stools/version.go:
--------------------------------------------------------------------------------
1 | package k8stools
2 |
3 | import (
4 | "fmt"
5 | "strconv"
6 | "strings"
7 |
8 | "k8s.io/apimachinery/pkg/version"
9 | )
10 |
11 | var (
12 | // ServerMajorVersion defines major number for current kubernetes API server version
13 | ServerMajorVersion uint64
14 | // ServerMinorVersion defines minor number for current kubernetes API server version
15 | ServerMinorVersion uint64
16 | )
17 |
18 | // SetKubernetesVersionWithDefaults parses kubernetes version response with given default versions
19 | func SetKubernetesVersionWithDefaults(vi *version.Info, defaultMinor, defaultMajor uint64) error {
20 | var warnMessage string
21 | minor := strings.Trim(vi.Minor, "+")
22 | v, err := strconv.ParseUint(minor, 10, 64)
23 | if err != nil {
24 | v = defaultMinor
25 | warnMessage = fmt.Sprintf("cannot parse minor kubernetes version response: %s, err: %s, using default: %d\n", vi.Minor, err, defaultMinor)
26 | }
27 | ServerMinorVersion = v
28 | major := strings.Trim(vi.Major, "+")
29 | v, err = strconv.ParseUint(major, 10, 64)
30 | if err != nil {
31 | v = defaultMajor
32 | warnMessage += fmt.Sprintf("cannot parse major kubernetes version response: %s, err: %s, using default: %d\n", vi.Major, err, defaultMajor)
33 | }
34 | ServerMajorVersion = v
35 | if len(warnMessage) > 0 {
36 | return fmt.Errorf("%s", warnMessage)
37 | }
38 | return nil
39 | }
40 |
41 | // IsFSGroupChangePolicySupported checks if `fsGroupChangePolicy` is supported,
42 | // Supported since 1.20
43 | // https://kubernetes.io/blog/2020/12/14/kubernetes-release-1.20-fsgroupchangepolicy-fsgrouppolicy/#allow-users-to-skip-recursive-permission-changes-on-mount
44 | func IsFSGroupChangePolicySupported() bool {
45 | if ServerMajorVersion == 1 && ServerMinorVersion >= 20 {
46 | return true
47 | }
48 | return false
49 | }
50 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/k8stools/version_test.go:
--------------------------------------------------------------------------------
1 | package k8stools
2 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/limiter/limiter.go:
--------------------------------------------------------------------------------
1 | package limiter
2 |
3 | import (
4 | "sync"
5 | "time"
6 |
7 | "github.com/prometheus/client_golang/prometheus"
8 | "sigs.k8s.io/controller-runtime/pkg/metrics"
9 | )
10 |
11 | // RateLimiter limits reconcile callback calls
12 | type RateLimiter struct {
13 | mu sync.Mutex
14 | budget int64
15 | limit int64
16 | deadline time.Time
17 | throttled prometheus.Counter
18 | }
19 |
20 | // NewRateLimiter returns limiter with limit per 2 seconds
21 | func NewRateLimiter(limiterName string, limit int64) *RateLimiter {
22 | collector := prometheus.NewCounter(prometheus.CounterOpts{
23 | Name: "operator_reconcile_throttled_events_total",
24 | Help: "number of throttled reconciliation events",
25 | ConstLabels: map[string]string{"controller": limiterName},
26 | })
27 | r := metrics.Registry
28 | r.MustRegister(collector)
29 | return &RateLimiter{
30 | limit: limit,
31 | throttled: collector,
32 | }
33 | }
34 |
35 | // MustThrottleReconcile registers reconcile event and checks if it must be throttled
36 | func (rt *RateLimiter) MustThrottleReconcile() bool {
37 | rt.mu.Lock()
38 | defer rt.mu.Unlock()
39 | if rt.budget <= 0 {
40 | if d := time.Until(rt.deadline); d > 0 {
41 | rt.throttled.Inc()
42 | return true
43 | }
44 | rt.deadline = time.Now().Add(time.Second * 2)
45 | rt.budget += rt.limit
46 | }
47 | rt.budget--
48 | return false
49 | }
50 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/reconcile/configmap.go:
--------------------------------------------------------------------------------
1 | package reconcile
2 |
3 | import (
4 | "context"
5 | "fmt"
6 |
7 | corev1 "k8s.io/api/core/v1"
8 | "k8s.io/apimachinery/pkg/api/equality"
9 | "k8s.io/apimachinery/pkg/api/errors"
10 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
11 | "k8s.io/apimachinery/pkg/types"
12 | "sigs.k8s.io/controller-runtime/pkg/client"
13 |
14 | vmv1beta1 "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
15 | "github.com/VictoriaMetrics/operator/internal/controller/operator/factory/logger"
16 | )
17 |
18 | // ConfigMap reconciles configmap object
19 | func ConfigMap(ctx context.Context, rclient client.Client, newCM *corev1.ConfigMap, prevCMMEta *metav1.ObjectMeta) error {
20 | var currentCM corev1.ConfigMap
21 | if err := rclient.Get(ctx, types.NamespacedName{Namespace: newCM.Namespace, Name: newCM.Name}, ¤tCM); err != nil {
22 | if errors.IsNotFound(err) {
23 | logger.WithContext(ctx).Info(fmt.Sprintf("creating new ConfigMap %s", newCM.Name))
24 | return rclient.Create(ctx, newCM)
25 | }
26 | }
27 | var prevAnnotations map[string]string
28 | if prevCMMEta != nil {
29 | prevAnnotations = prevCMMEta.Annotations
30 | }
31 | if equality.Semantic.DeepEqual(newCM.Data, currentCM.Data) &&
32 | equality.Semantic.DeepEqual(newCM.Labels, currentCM.Labels) &&
33 | isAnnotationsEqual(currentCM.Annotations, newCM.Annotations, prevAnnotations) {
34 | return nil
35 | }
36 |
37 | vmv1beta1.AddFinalizer(newCM, ¤tCM)
38 | cloneSignificantMetadata(newCM, ¤tCM)
39 | newCM.Annotations = mergeAnnotations(currentCM.Annotations, newCM.Annotations, prevAnnotations)
40 |
41 | logger.WithContext(ctx).Info(fmt.Sprintf("updating ConfigMap %s configuration", newCM.Name))
42 |
43 | return rclient.Update(ctx, newCM)
44 | }
45 |
--------------------------------------------------------------------------------
/internal/controller/operator/factory/reconcile/secret.go:
--------------------------------------------------------------------------------
1 | package reconcile
2 |
3 | import (
4 | "context"
5 | "fmt"
6 |
7 | corev1 "k8s.io/api/core/v1"
8 | "k8s.io/apimachinery/pkg/api/equality"
9 | "k8s.io/apimachinery/pkg/api/errors"
10 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
11 | "k8s.io/apimachinery/pkg/types"
12 | "sigs.k8s.io/controller-runtime/pkg/client"
13 |
14 | "github.com/VictoriaMetrics/operator/internal/controller/operator/factory/finalize"
15 | "github.com/VictoriaMetrics/operator/internal/controller/operator/factory/logger"
16 | )
17 |
18 | // Secret reconciles secret object
19 | func Secret(ctx context.Context, rclient client.Client, newS *corev1.Secret, prevMeta *metav1.ObjectMeta) error {
20 | var currentS corev1.Secret
21 |
22 | if err := rclient.Get(ctx, types.NamespacedName{Namespace: newS.Namespace, Name: newS.Name}, ¤tS); err != nil {
23 | if errors.IsNotFound(err) {
24 | logger.WithContext(ctx).Info(fmt.Sprintf("creating new Secret %s", newS.Name))
25 | return rclient.Create(ctx, newS)
26 | }
27 | return err
28 | }
29 | if err := finalize.FreeIfNeeded(ctx, rclient, ¤tS); err != nil {
30 | return err
31 | }
32 | var prevAnnotations map[string]string
33 | if prevMeta != nil {
34 | prevAnnotations = prevMeta.Annotations
35 | }
36 |
37 | if equality.Semantic.DeepEqual(newS.Data, currentS.Data) &&
38 | equality.Semantic.DeepEqual(newS.Labels, currentS.Labels) &&
39 | isAnnotationsEqual(currentS.Annotations, newS.Annotations, prevAnnotations) {
40 | return nil
41 | }
42 |
43 | newS.Annotations = mergeAnnotations(currentS.Annotations, newS.Annotations, prevAnnotations)
44 | cloneSignificantMetadata(newS, ¤tS)
45 |
46 | logger.WithContext(ctx).Info(fmt.Sprintf("updating configuration Secret %s", newS.Name))
47 |
48 | return rclient.Update(ctx, newS)
49 | }
50 |
--------------------------------------------------------------------------------
/test/e2e/childobjects/suite_test.go:
--------------------------------------------------------------------------------
1 | package childobjects
2 |
3 | import (
4 | "fmt"
5 | "strings"
6 | "testing"
7 |
8 | . "github.com/onsi/ginkgo/v2"
9 | . "github.com/onsi/gomega"
10 | "sigs.k8s.io/controller-runtime/pkg/client"
11 |
12 | v1beta1vm "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
13 | "github.com/VictoriaMetrics/operator/test/e2e/suite"
14 | )
15 |
16 | const eventualDeletionTimeout = 20
17 | const eventualReadyTimeout = 60
18 |
19 | func TestAPIs(t *testing.T) {
20 | RegisterFailHandler(Fail)
21 |
22 | RunSpecs(t, "e2e Controller Child objects")
23 | }
24 |
25 | var k8sClient client.Client
26 | var _ = SynchronizedBeforeSuite(
27 | func() {
28 | suite.InitOperatorProcess()
29 | },
30 | func() {
31 | k8sClient = suite.GetClient()
32 | })
33 |
34 | var _ = SynchronizedAfterSuite(
35 | func() {
36 | suite.StopClient()
37 | },
38 | func() {
39 | suite.ShutdownOperatorProcess()
40 | })
41 |
42 | func expectConditionOkFor(conds []v1beta1vm.Condition, typeCondtains string) error {
43 | for _, cond := range conds {
44 | if strings.Contains(cond.Type, typeCondtains) {
45 | if cond.Status == "True" {
46 | return nil
47 | }
48 | return fmt.Errorf("unexpected status=%q for type=%q with message=%q", cond.Status, cond.Type, cond.Message)
49 | }
50 | }
51 | return fmt.Errorf("expected condition not found")
52 | }
53 |
--------------------------------------------------------------------------------
/test/e2e/childobjects/vmscrapes_test.go:
--------------------------------------------------------------------------------
1 | package childobjects
2 |
3 | // TODO: @f41gh7 add tests
4 |
--------------------------------------------------------------------------------
/test/e2e/e2e_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 | "time"
23 |
24 | . "github.com/onsi/ginkgo/v2"
25 | . "github.com/onsi/gomega"
26 | "sigs.k8s.io/controller-runtime/pkg/client"
27 |
28 | "github.com/VictoriaMetrics/operator/test/e2e/suite"
29 | )
30 |
31 | var (
32 | eventualDeploymentAppReadyTimeout = 60 * time.Second
33 | eventualStatefulsetAppReadyTimeout = 80 * time.Second
34 | eventualDeletionTimeout = 45 * time.Second
35 | eventualDeploymentPodTimeout = 12 * time.Second
36 | eventualExpandingTimeout = 12 * time.Second
37 | )
38 |
39 | // Run e2e tests using the Ginkgo runner.
40 | func TestE2E(t *testing.T) {
41 | RegisterFailHandler(Fail)
42 | fmt.Fprintf(GinkgoWriter, "Starting vm-operator suite\n")
43 | RunSpecs(t, "e2e suite")
44 | }
45 |
46 | var (
47 | _ = SynchronizedBeforeSuite(
48 | func() {
49 | suite.InitOperatorProcess()
50 | },
51 | func() {
52 | k8sClient = suite.GetClient()
53 | },
54 | )
55 |
56 | _ = SynchronizedAfterSuite(
57 | func() {
58 | suite.StopClient()
59 | },
60 | func() {
61 | suite.ShutdownOperatorProcess()
62 | },
63 | )
64 |
65 | //_ = AfterSuite()
66 |
67 | k8sClient client.Client
68 | )
69 |
--------------------------------------------------------------------------------
/test/e2e/suite/utils.go:
--------------------------------------------------------------------------------
1 | package suite
2 |
3 | import (
4 | "context"
5 | "encoding/json"
6 | "fmt"
7 | "strings"
8 |
9 | "k8s.io/apimachinery/pkg/types"
10 | "sigs.k8s.io/controller-runtime/pkg/client"
11 |
12 | operator "github.com/VictoriaMetrics/operator/api/operator/v1beta1"
13 | )
14 |
15 | // ExpectObjectStatus perform assert on given object status
16 | //
17 | //nolint:dupl,lll
18 | func ExpectObjectStatus(ctx context.Context,
19 | rclient client.Client,
20 | object client.Object,
21 | name types.NamespacedName,
22 | status operator.UpdateStatus) error {
23 | if err := rclient.Get(ctx, name, object); err != nil {
24 | return err
25 | }
26 | jsD, err := json.Marshal(object)
27 | if err != nil {
28 | return err
29 | }
30 | type objectStatus struct {
31 | Status struct {
32 | operator.StatusMetadata `json:",inline"`
33 | } `json:"status"`
34 | }
35 | var obs objectStatus
36 | if err := json.Unmarshal(jsD, &obs); err != nil {
37 | return err
38 | }
39 | if object.GetGeneration() > obs.Status.ObservedGeneration {
40 | return fmt.Errorf("expected generation: %d be greater than: %d", obs.Status.ObservedGeneration, object.GetGeneration())
41 | }
42 | if obs.Status.UpdateStatus != status {
43 | var conds []string
44 | for _, cond := range obs.Status.Conditions {
45 | conds = append(conds, fmt.Sprintf("type=%s,message=%q,generation=%d,status=%q", cond.Type, cond.Message, cond.ObservedGeneration, cond.Status))
46 | }
47 | return fmt.Errorf("not expected object status=%q, reason=%q,conditions=%s", obs.Status.UpdateStatus, obs.Status.Reason, strings.Join(conds, ","))
48 | }
49 |
50 | return nil
51 | }
52 |
--------------------------------------------------------------------------------
/test/e2e/watchnamespace/suite_test.go:
--------------------------------------------------------------------------------
1 | package watchnamespace
2 |
3 | import (
4 | "context"
5 | "os"
6 | "testing"
7 |
8 | "github.com/VictoriaMetrics/operator/internal/config"
9 | "github.com/VictoriaMetrics/operator/test/e2e/suite"
10 | . "github.com/onsi/ginkgo/v2"
11 | . "github.com/onsi/gomega"
12 | corev1 "k8s.io/api/core/v1"
13 | "k8s.io/apimachinery/pkg/api/errors"
14 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
15 | "sigs.k8s.io/controller-runtime/pkg/client"
16 | )
17 |
18 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to
19 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo.
20 |
21 | const excludedNamespace = "test-excluded"
22 | const includedNamespace = "default"
23 |
24 | func TestAPIs(t *testing.T) {
25 | RegisterFailHandler(Fail)
26 |
27 | RunSpecs(t, "e2e Controller WATCH_NAMESPACE Suite")
28 | }
29 |
30 | var k8sClient client.Client
31 | var _ = SynchronizedBeforeSuite(
32 | func() {
33 | Expect(os.Setenv(config.WatchNamespaceEnvVar, "default")).NotTo(HaveOccurred())
34 | suite.InitOperatorProcess()
35 | },
36 | func() {
37 | k8sClient = suite.GetClient()
38 | testNamespace := corev1.Namespace{
39 | ObjectMeta: metav1.ObjectMeta{
40 | Name: excludedNamespace,
41 | },
42 | }
43 | err := k8sClient.Create(context.Background(), &testNamespace)
44 | Expect(err == nil || errors.IsAlreadyExists(err)).To(BeTrue(), "got unexpected namespace creation error: %v", err)
45 | })
46 |
47 | var _ = SynchronizedAfterSuite(
48 | func() {
49 | suite.StopClient()
50 | },
51 | func() {
52 | suite.ShutdownOperatorProcess()
53 | })
54 |
--------------------------------------------------------------------------------