Skip to content

monitoring values.yaml📜

flux.enabled📜

Type: bool

Default value
false

flux.namespace📜

Type: string

Default value
"flux-system"

networkPolicies.enabled📜

Type: bool

Default value
true

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

networkPolicies.egress.from.kube-prometheus-stack-prometheus-operator.to.definition.kubeAPI📜

Type: bool

Default value
true

Description: The operator must be able to read Prometheus/Alertmanager CRs from the k8s API

networkPolicies.egress.from.kube-state-metrics.to.definition.kubeAPI📜

Type: bool

Default value
true

Description: Kube-state-metrics derives its metrics from the k8s API

networkPolicies.egress.from.prometheus.to.definition.kubeAPI📜

Type: bool

Default value
true

Description: Prometheus must be able to read ServiceMonitor and PodMonitor resources from the k8s API

networkPolicies.egress.from.prometheus.to.k8s.*📜

Type: bool

Default value
true

Description: Prometheus must be able to scrape any workload in the cluster

networkPolicies.egress.from.admission-create-job.podSelector.matchLabels.app📜

Type: string

Default value
"kube-prometheus-stack-admission-create"

networkPolicies.egress.from.admission-create-job.metadata.annotations.”helm.sh/hook”📜

Type: string

Default value
"pre-install,pre-upgrade"

networkPolicies.egress.from.admission-create-job.metadata.annotations.”helm.sh/hook-delete-policy”📜

Type: string

Default value
"before-hook-creation,hook-succeeded"

networkPolicies.egress.from.admission-create-job.to.k8s.istio-system/istiod:15012📜

Type: bool

Default value
true

Description: Since this is a pre-install/pre-upgrade job, the default istio egress netpol may not be in effect at the time it runs

networkPolicies.egress.from.admission-create-job.to.definition.kubeAPI📜

Type: bool

Default value
true

Description: The admission create job needs to be able to create the admission webhooks for prometheus CRDs so it needs access to the k8s API

networkPolicies.egress.from.alertmanager.to.cidr.”0.0.0.0/0”📜

Type: bool

Default value
false

Description: Alertmanager can be configured to integrate with many external alerting systems, so we define this policy but set it to false; set it to true if you need this connectivity

openshift📜

Type: bool

Default value
false

bbtests.enabled📜

Type: bool

Default value
false

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_prometheus_url📜

Type: string

Default value
"http://monitoring-kube-prometheus-prometheus:9090"

bbtests.cypress.envs.cypress_alertmanager_url📜

Type: string

Default value
"http://monitoring-kube-prometheus-alertmanager:9093"

istio.enabled📜

Type: bool

Default value
false

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntries📜

Type: list

Default value
[]

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.hardened.clusterWideHardenedEnabled📜

Type: bool

Default value
false

istio.hardened.tempo.enabled📜

Type: bool

Default value
false

istio.hardened.tempo.namespaces[0]📜

Type: string

Default value
"tempo"

istio.hardened.tempo.principals[0]📜

Type: string

Default value
"cluster.local/ns/tempo/sa/tempo-tempo"

istio.hardened.loki.enabled📜

Type: bool

Default value
false

istio.hardened.loki.namespaces[0]📜

Type: string

Default value
"logging"

istio.hardened.loki.principals[0]📜

Type: string

Default value
"cluster.local/ns/logging/sa/logging-loki"

istio.hardened.alloy.enabled📜

Type: bool

Default value
false

istio.hardened.alloy.namespaces[0]📜

Type: string

Default value
"alloy"

istio.hardened.alloy.principals[0]📜

Type: string

Default value
"cluster.local/ns/alloy/sa/alloy-alloy-metrics"

istio.namespace📜

Type: string

Default value
"istio-system"

istio.prometheus.enabled📜

Type: bool

Default value
true

istio.prometheus.annotations📜

Type: object

Default value
{}

istio.prometheus.labels📜

Type: object

Default value
{}

istio.prometheus.gateways[0]📜

Type: string

Default value
"istio-system/main"

istio.prometheus.hosts[0]📜

Type: string

Default value
"prometheus.{{ .Values.domain }}"

istio.prometheus.service📜

Type: string

Default value
""

istio.prometheus.port📜

Type: string

Default value
""

istio.prometheus.namespace📜

Type: string

Default value
""

istio.prometheusRule.IstioSidecarMemModerate📜

Type: bool

Default value
true

istio.prometheusRule.IstioSidecarMemHigh📜

Type: bool

Default value
true

istio.prometheusRule.IstioConfigValidationFailed📜

Type: bool

Default value
true

istio.prometheusRule.Istio5XXResponseCode📜

Type: bool

Default value
true

istio.prometheusRule.IstioSidecarEndpointError📜

Type: bool

Default value
true

istio.prometheusRule.IstioSidecarListenerConflict📜

Type: bool

Default value
true

istio.alertmanager.enabled📜

Type: bool

Default value
true

istio.alertmanager.annotations📜

Type: object

Default value
{}

istio.alertmanager.labels📜

Type: object

Default value
{}

istio.alertmanager.gateways[0]📜

Type: string

Default value
"istio-system/main"

istio.alertmanager.hosts[0]📜

Type: string

Default value
"alertmanager.{{ .Values.domain }}"

istio.alertmanager.service📜

Type: string

Default value
""

istio.alertmanager.port📜

Type: string

Default value
""

istio.alertmanager.namespace📜

Type: string

Default value
""

istio.injection📜

Type: string

Default value
"disabled"

istio.mtls.mode📜

Type: string

Default value
"STRICT"

istio.console.enabled📜

Type: bool

Default value
false

kiali.enabled📜

Type: bool

Default value
false

sso.enabled📜

Type: bool

Default value
false

sso.selector.key📜

Type: string

Default value
"protect"

sso.selector.value📜

Type: string

Default value
"keycloak"

tempo.enabled📜

Type: bool

Default value
false

cleanUpgrade.enabled📜

Type: bool

Default value
false

cleanUpgrade.image.registry📜

Type: string

Default value
"registry1.dso.mil"

cleanUpgrade.image.repository📜

Type: string

Default value
"ironbank/big-bang/base"

cleanUpgrade.image.tag📜

Type: string

Default value
"2.1.0"

cleanUpgrade.image.sha📜

Type: string

Default value
""

cleanUpgrade.image.imagePullSecrets[0].name📜

Type: string

Default value
"private-registry"

cleanUpgrade.resources.requests.memory📜

Type: string

Default value
"256Mi"

cleanUpgrade.resources.requests.cpu📜

Type: string

Default value
"100m"

cleanUpgrade.resources.limits.memory📜

Type: string

Default value
"256Mi"

cleanUpgrade.resources.limits.cpu📜

Type: string

Default value
"100m"

cleanUpgrade.securityContext.runAsUser📜

Type: int

Default value
1000

cleanUpgrade.securityContext.runAsGroup📜

Type: int

Default value
1000

cleanUpgrade.securityContext.runAsNonRoot📜

Type: bool

Default value
true

cleanUpgrade.securityContext.allowPrivilegeEscalation📜

Type: bool

Default value
false

cleanUpgrade.securityContext.readOnlyRootFilesystem📜

Type: bool

Default value
true

cleanUpgrade.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

blackboxExporter.enabled📜

Type: bool

Default value
false

blackboxExporter.nameOverride📜

Type: string

Default value
"prometheus-blackbox-exporter"

blackboxExporter.global.imageRegistry📜

Type: string

Default value
"registry1.dso.mil"

blackboxExporter.restartPolicy📜

Type: string

Default value
"Always"

blackboxExporter.kind📜

Type: string

Default value
"Deployment"

blackboxExporter.automountServiceAccountToken📜

Type: bool

Default value
false

blackboxExporter.revisionHistoryLimit📜

Type: int

Default value
10

blackboxExporter.hostNetwork📜

Type: bool

Default value
false

blackboxExporter.strategy.rollingUpdate.maxSurge📜

Type: int

Default value
1

blackboxExporter.strategy.rollingUpdate.maxUnavailable📜

Type: int

Default value
0

blackboxExporter.strategy.type📜

Type: string

Default value
"RollingUpdate"

blackboxExporter.image.registry📜

Type: string

Default value
"registry1.dso.mil"

blackboxExporter.image.repository📜

Type: string

Default value
"ironbank/opensource/prometheus/blackbox_exporter"

blackboxExporter.image.tag📜

Type: string

Default value
"v0.26.0"

blackboxExporter.image.pullSecrets[0]📜

Type: string

Default value
"private-registry"

blackboxExporter.securityContext.runAsUser📜

Type: int

Default value
1000

blackboxExporter.securityContext.runAsGroup📜

Type: int

Default value
1000

blackboxExporter.securityContext.readOnlyRootFilesystem📜

Type: bool

Default value
true

blackboxExporter.securityContext.runAsNonRoot📜

Type: bool

Default value
true

blackboxExporter.securityContext.allowPrivilegeEscalation📜

Type: bool

Default value
false

blackboxExporter.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

blackboxExporter.livenessProbe.httpGet.path📜

Type: string

Default value
"/-/healthy"

blackboxExporter.livenessProbe.httpGet.port📜

Type: string

Default value
"http"

blackboxExporter.livenessProbe.failureThreshold📜

Type: int

Default value
3

blackboxExporter.readinessProbe.httpGet.path📜

Type: string

Default value
"/-/healthy"

blackboxExporter.readinessProbe.httpGet.port📜

Type: string

Default value
"http"

blackboxExporter.configExistingSecretName📜

Type: string

Default value
""

blackboxExporter.secretConfig📜

Type: bool

Default value
false

blackboxExporter.config.modules.http_2xx.prober📜

Type: string

Default value
"http"

blackboxExporter.config.modules.http_2xx.timeout📜

Type: string

Default value
"5s"

blackboxExporter.config.modules.http_2xx.http.valid_http_versions[0]📜

Type: string

Default value
"HTTP/1.1"

blackboxExporter.config.modules.http_2xx.http.valid_http_versions[1]📜

Type: string

Default value
"HTTP/2.0"

blackboxExporter.config.modules.http_2xx.http.follow_redirects📜

Type: bool

Default value
true

blackboxExporter.config.modules.http_2xx.http.preferred_ip_protocol📜

Type: string

Default value
"ip4"

blackboxExporter.service.annotations📜

Type: object

Default value
{}

blackboxExporter.service.labels📜

Type: object

Default value
{}

blackboxExporter.service.type📜

Type: string

Default value
"ClusterIP"

blackboxExporter.service.port📜

Type: int

Default value
9115

blackboxExporter.service.ipDualStack.enabled📜

Type: bool

Default value
false

blackboxExporter.service.ipDualStack.ipFamilies[0]📜

Type: string

Default value
"IPv6"

blackboxExporter.service.ipDualStack.ipFamilies[1]📜

Type: string

Default value
"IPv4"

blackboxExporter.service.ipDualStack.ipFamilyPolicy📜

Type: string

Default value
"PreferDualStack"

blackboxExporter.containerPort📜

Type: int

Default value
9115

blackboxExporter.replicas📜

Type: int

Default value
1

blackboxExporter.serviceMonitor.selfMonitor.enabled📜

Type: bool

Default value
false

blackboxExporter.serviceMonitor.selfMonitor.additionalMetricsRelabels📜

Type: object

Default value
{}

blackboxExporter.serviceMonitor.selfMonitor.additionalRelabeling📜

Type: list

Default value
[]

blackboxExporter.serviceMonitor.selfMonitor.labels📜

Type: object

Default value
{}

blackboxExporter.serviceMonitor.selfMonitor.path📜

Type: string

Default value
"/metrics"

blackboxExporter.serviceMonitor.selfMonitor.scheme📜

Type: string

Default value
"http"

blackboxExporter.serviceMonitor.selfMonitor.tlsConfig📜

Type: object

Default value
{}

blackboxExporter.serviceMonitor.selfMonitor.interval📜

Type: string

Default value
"30s"

blackboxExporter.serviceMonitor.selfMonitor.scrapeTimeout📜

Type: string

Default value
"30s"

blackboxExporter.serviceMonitor.enabled📜

Type: bool

Default value
false

blackboxExporter.configReloader.enabled📜

Type: bool

Default value
false

blackboxExporter.configReloader.containerPort📜

Type: int

Default value
8080

blackboxExporter.configReloader.config.logFormat📜

Type: string

Default value
"logfmt"

blackboxExporter.configReloader.config.logLevel📜

Type: string

Default value
"info"

blackboxExporter.configReloader.config.watchInterval📜

Type: string

Default value
"1m"

blackboxExporter.configReloader.image.registry📜

Type: string

Default value
"registry1.dso.mil"

blackboxExporter.configReloader.image.repository📜

Type: string

Default value
"ironbank/opensource/prometheus-operator/prometheus-config-reloader"

blackboxExporter.configReloader.image.tag📜

Type: string

Default value
"v0.83.0"

blackboxExporter.configReloader.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

blackboxExporter.configReloader.image.digest📜

Type: string

Default value
""

blackboxExporter.configReloader.image.imagePullSecrets[0].name📜

Type: string

Default value
"private-registry"

blackboxExporter.configReloader.securityContext.runAsUser📜

Type: int

Default value
1000

blackboxExporter.configReloader.securityContext.runAsGroup📜

Type: int

Default value
1000

blackboxExporter.configReloader.securityContext.readOnlyRootFilesystem📜

Type: bool

Default value
true

blackboxExporter.configReloader.securityContext.runAsNonRoot📜

Type: bool

Default value
true

blackboxExporter.configReloader.securityContext.allowPrivilegeEscalation📜

Type: bool

Default value
false

blackboxExporter.configReloader.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

blackboxExporter.configReloader.resources.limits.memory📜

Type: string

Default value
"50Mi"

blackboxExporter.configReloader.resources.requests.cpu📜

Type: string

Default value
"10m"

blackboxExporter.configReloader.resources.requests.memory📜

Type: string

Default value
"20Mi"

blackboxExporter.configReloader.service.port📜

Type: int

Default value
8080

blackboxExporter.configReloader.serviceMonitor.selfMonitor.additionalMetricsRelabels📜

Type: object

Default value
{}

blackboxExporter.configReloader.serviceMonitor.selfMonitor.additionalRelabeling📜

Type: list

Default value
[]

blackboxExporter.configReloader.serviceMonitor.selfMonitor.path📜

Type: string

Default value
"/metrics"

blackboxExporter.configReloader.serviceMonitor.selfMonitor.scheme📜

Type: string

Default value
"http"

blackboxExporter.configReloader.serviceMonitor.selfMonitor.tlsConfig📜

Type: object

Default value
{}

blackboxExporter.configReloader.serviceMonitor.selfMonitor.interval📜

Type: string

Default value
"30s"

blackboxExporter.configReloader.serviceMonitor.selfMonitor.scrapeTimeout📜

Type: string

Default value
"30s"

snmpExporter.enabled📜

Type: bool

Default value
false

snmpExporter.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/prometheus/snmp_exporter"

snmpExporter.image.tag📜

Type: string

Default value
"v0.29.0"

snmpExporter.image.imagePullSecrets[0].name📜

Type: string

Default value
"private-registry"

snmpExporter.configmapReload.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader"

snmpExporter.configmapReload.image.tag📜

Type: string

Default value
"v0.83.0"

snmpExporter.configmapReload.image.imagePullSecrets[0].name📜

Type: string

Default value
"private-registry"

snmpExporter.securityContext.runAsNonRoot📜

Type: bool

Default value
true

snmpExporter.securityContext.runAsUser📜

Type: int

Default value
1001

snmpExporter.securityContext.runAsGroup📜

Type: int

Default value
1001

snmpExporter.securityContext.fsGroup📜

Type: int

Default value
1001

snmpExporter.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

snmpExporter.containerSecurityContext.runAsNonRoot📜

Type: bool

Default value
true

snmpExporter.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

snmpExporter.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

snmpExporter.serviceMonitor.enabled📜

Type: bool

Default value
true