diff --git a/docs/operator/CHANGELOG.md b/docs/operator/CHANGELOG.md
index d333d3eac..439aee76f 100644
--- a/docs/operator/CHANGELOG.md
+++ b/docs/operator/CHANGELOG.md
@@ -11,6 +11,14 @@ aliases:
- /operator/changelog/index.html
---
+- [api](https://docs.victoriametrics.com/operator/api): adds new fields `useVMConfigReloader`, `configReloaderImageTag`, `configReloaderResources` to to the `VMagent`, `VMAlert`, `VMAuth`, and `VMAlertmanager`.
+- [api](https://docs.victoriametrics.com/operator/api): adds underscore version of `host_aliases` setting, which has priority over `hostAliases`.
+- [api](https://docs.victoriametrics.com/operator/api): adds `useDefaultResources` setting to the all applications. It has priority over global operator setting.
+- [api](https://docs.victoriametrics.com/operator/api): adds `clusterDomainName` to the `VMCluster` and `VMAlertmanager`. It defines optional suffix for in-cluster addresses.
+- [api](https://docs.victoriametrics.com/operator/api): adds `disableSelfServiceScrape` setting to the all applications. It has priority over global operator setting.
+- [api](https://docs.victoriametrics.com/operator/api): Extends applications `securityContext` and apply security configuration parameters to the containers.
+- [api](https://docs.victoriametrics.com/operator): deletes unused env variables: `VM_DEFAULTLABELS`, `VM_PODWAITREADYINITDELAY`. Adds new variable `VM_APPREADYTIMEOUT`.
+- [vmalert](https://docs.victoriametrics.com/operator/resources/vmalert/): adds missing `hostAliases` fields to spec. See [this](https://github.com/VictoriaMetrics/operator/issues/1099) issue for details.
- [operator](https://docs.victoriametrics.com/operator/): updates default vm apps version to v1.103.0
- [vmsingle/vlogs](https://docs.victoriametrics.com/operator/resources): makes better compatible with argo-cd by adding ownerReference to PersistentVolumeClaim. See this [issue](https://github.com/VictoriaMetrics/operator/issues/1091) for details.
- [operator](https://docs.victoriametrics.com/operator/): reduces reconcile latency. See this [commit](2a9d09d0131cc10a0f9e32f0e2e054687ada78f7) for details.
diff --git a/docs/operator/api.md b/docs/operator/api.md
index f96c5404f..f050db77b 100644
--- a/docs/operator/api.md
+++ b/docs/operator/api.md
@@ -42,7 +42,7 @@ Package v1beta1 contains API Schema definitions for the victoriametrics v1beta1
#### APIServerConfig
-
+_Underlying type:_ _[struct{Host string "json:\"host\""; BasicAuth *BasicAuth "json:\"basicAuth,omitempty\""; BearerToken string "json:\"bearerToken,omitempty\""; BearerTokenFile string "json:\"bearerTokenFile,omitempty\""; TLSConfig *TLSConfig "json:\"tlsConfig,omitempty\""; Authorization *Authorization "json:\"authorization,omitempty\""}](#struct{host-string-"json:\"host\"";-basicauth-*basicauth-"json:\"basicauth,omitempty\"";-bearertoken-string-"json:\"bearertoken,omitempty\"";-bearertokenfile-string-"json:\"bearertokenfile,omitempty\"";-tlsconfig-*tlsconfig-"json:\"tlsconfig,omitempty\"";-authorization-*authorization-"json:\"authorization,omitempty\""})_
APIServerConfig defines a host and auth methods to access apiserver.
@@ -51,19 +51,11 @@ APIServerConfig defines a host and auth methods to access apiserver.
_Appears in:_
- [VMAgentSpec](#vmagentspec)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `authorization` | | _[Authorization](#authorization)_ | false |
-| `basicAuth` | BasicAuth allow an endpoint to authenticate over basic authentication | _[BasicAuth](#basicauth)_ | false |
-| `bearerToken` | Bearer token for accessing apiserver. | _string_ | false |
-| `bearerTokenFile` | File to read bearer token for accessing apiserver. | _string_ | false |
-| `host` | Host of apiserver.
A valid string consisting of a hostname or IP followed by an optional port number | _string_ | true |
-| `tlsConfig` | TLSConfig Config to use for accessing apiserver. | _[TLSConfig](#tlsconfig)_ | false |
#### AdditionalServiceSpec
-
+_Underlying type:_ _[struct{UseAsDefault bool "json:\"useAsDefault,omitempty\""; EmbeddedObjectMetadata "json:\"metadata,omitempty\""; Spec k8s.io/api/core/v1.ServiceSpec "json:\"spec\""}](#struct{useasdefault-bool-"json:\"useasdefault,omitempty\"";-embeddedobjectmetadata-"json:\"metadata,omitempty\"";-spec-k8sioapicorev1servicespec-"json:\"spec\""})_
ServiceSpec defines additional service for CRD with user-defined params.
by default, some of fields can be inherited from default service definition for the CRD:
@@ -79,33 +71,10 @@ _Appears in:_
- [VMAlertSpec](#vmalertspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
- [VMAuthSpec](#vmauthspec)
-- [VMInsert](#vminsert)
-- [VMSelect](#vmselect)
- [VMSingleSpec](#vmsinglespec)
-- [VMStorage](#vmstorage)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `metadata` | Refer to Kubernetes API documentation for fields of `metadata`. | _[EmbeddedObjectMetadata](#embeddedobjectmetadata)_ | false |
-| `spec` | ServiceSpec describes the attributes that a user creates on a service.
More info: https://kubernetes.io/docs/concepts/services-networking/service/ | _[ServiceSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#servicespec-v1-core)_ | true |
-| `useAsDefault` | UseAsDefault applies changes from given service definition to the main object Service
Changing from headless service to clusterIP or loadbalancer may break cross-component communication | _boolean_ | false |
-
-
-#### AlertmanagerGossipConfig
-AlertmanagerGossipConfig defines Gossip TLS configuration for alertmanager
-
-
-
-_Appears in:_
-- [VMAlertmanagerSpec](#vmalertmanagerspec)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `tls_client_config` | TLSClientConfig defines client TLS configuration for alertmanager | _[TLSClientConfig](#tlsclientconfig)_ | true |
-| `tls_server_config` | TLSServerConfig defines server TLS configuration for alertmanager | _[TLSServerConfig](#tlsserverconfig)_ | true |
#### AlertmanagerHTTPConfig
@@ -125,22 +94,6 @@ _Appears in:_
| `http2` | HTTP2 enables HTTP/2 support. Note that HTTP/2 is only supported with TLS.
This can not be changed on the fly. | _boolean_ | true |
-#### AlertmanagerWebConfig
-
-
-
-AlertmanagerWebConfig defines web server configuration for alertmanager
-
-
-
-_Appears in:_
-- [VMAlertmanagerSpec](#vmalertmanagerspec)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `basic_auth_users` | BasicAuthUsers Usernames and hashed passwords that have full access to the web server
Passwords must be hashed with bcrypt | _object (keys:string, values:string)_ | true |
-| `http_server_config` | HTTPServerConfig defines http server configuration for alertmanager web server | _[AlertmanagerHTTPConfig](#alertmanagerhttpconfig)_ | true |
-| `tls_server_config` | TLSServerConfig defines server TLS configuration for alertmanager | _[TLSServerConfig](#tlsserverconfig)_ | true |
#### ArbitraryFSAccessThroughSMsConfig
@@ -180,7 +133,6 @@ _Appears in:_
- [KubernetesSDConfig](#kubernetessdconfig)
- [PodMetricsEndpoint](#podmetricsendpoint)
- [VMPodScrapeSpec](#vmpodscrapespec)
-- [VMServiceScrapeSpec](#vmservicescrapespec)
| Field | Description | Scheme | Required |
| --- | --- | --- | --- |
@@ -196,7 +148,6 @@ Authorization configures generic authorization params
_Appears in:_
-- [APIServerConfig](#apiserverconfig)
- [ConsulSDConfig](#consulsdconfig)
- [DigitalOceanSDConfig](#digitaloceansdconfig)
- [Endpoint](#endpoint)
@@ -250,22 +201,15 @@ BasicAuth allow an endpoint to authenticate over basic authentication
_Appears in:_
-- [APIServerConfig](#apiserverconfig)
- [ConsulSDConfig](#consulsdconfig)
- [Endpoint](#endpoint)
- [EndpointAuth](#endpointauth)
-- [HTTPAuth](#httpauth)
- [HTTPConfig](#httpconfig)
- [HTTPSDConfig](#httpsdconfig)
- [KubernetesSDConfig](#kubernetessdconfig)
- [PodMetricsEndpoint](#podmetricsendpoint)
- [ProxyAuth](#proxyauth)
- [TargetEndpoint](#targetendpoint)
-- [VMAgentRemoteWriteSpec](#vmagentremotewritespec)
-- [VMAlertDatasourceSpec](#vmalertdatasourcespec)
-- [VMAlertNotifierSpec](#vmalertnotifierspec)
-- [VMAlertRemoteReadSpec](#vmalertremotereadspec)
-- [VMAlertRemoteWriteSpec](#vmalertremotewritespec)
- [VMNodeScrapeSpec](#vmnodescrapespec)
- [VMProbeSpec](#vmprobespec)
- [VMScrapeConfigSpec](#vmscrapeconfigspec)
@@ -277,25 +221,6 @@ _Appears in:_
| `username` | Username defines reference for secret with username value
The secret needs to be in the same namespace as scrape object | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
-#### BearerAuth
-
-
-
-BearerAuth defines auth with bearer token
-
-
-
-_Appears in:_
-- [HTTPAuth](#httpauth)
-- [VMAlertDatasourceSpec](#vmalertdatasourcespec)
-- [VMAlertNotifierSpec](#vmalertnotifierspec)
-- [VMAlertRemoteReadSpec](#vmalertremotereadspec)
-- [VMAlertRemoteWriteSpec](#vmalertremotewritespec)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `bearerTokenFile` | Path to bearer token file | _string_ | false |
-| `bearerTokenSecret` | Optional bearer auth token to use for -remoteWrite.url | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
@@ -338,21 +263,105 @@ _Appears in:_
| `key_secret_ref` | Key defines reference for secret with certificate key content under given key
mutually exclusive with KeyFile | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | true |
-#### ConfigMapKeyReference
+#### CommonApplicationDeploymentParams
-ConfigMapKeyReference refers to a key in a ConfigMap.
+CommonApplicationDeploymentParams defines common params
+for deployment and statefulset specifications
_Appears in:_
+- [VLogsSpec](#vlogsspec)
+- [VMAgentSpec](#vmagentspec)
+- [VMAlertSpec](#vmalertspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
+- [VMAuthSpec](#vmauthspec)
+- [VMSingleSpec](#vmsinglespec)
| Field | Description | Scheme | Required |
| --- | --- | --- | --- |
-| `key` | The ConfigMap key to refer to. | _string_ | true |
-| `name` | Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. | _string_ | false |
+| `affinity` | Affinity If specified, the pod's scheduling constraints. | _[Affinity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#affinity-v1-core)_ | false |
+| `configMaps` | ConfigMaps is a list of ConfigMaps in the same namespace as the Application
object, which shall be mounted into the Application container
at /etc/vm/configs/CONFIGMAP_NAME folder | _string array_ | false |
+| `containers` | Containers property allows to inject additions sidecars or to patch existing containers.
It can be useful for proxies, backup, etc. | _[Container](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#container-v1-core) array_ | false |
+| `dnsConfig` | Specifies the DNS parameters of a pod.
Parameters specified here will be merged to the generated DNS
configuration based on DNSPolicy. | _[PodDNSConfig](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core)_ | false |
+| `dnsPolicy` | DNSPolicy sets DNS policy for the pod | _[DNSPolicy](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#dnspolicy-v1-core)_ | false |
+| `extraArgs` | ExtraArgs that will be passed to the application container
for example remoteWrite.tmpDataPath: /tmp | _object (keys:string, values:string)_ | false |
+| `extraEnvs` | ExtraEnvs that will be passed to the application container | _[EnvVar](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#envvar-v1-core) array_ | false |
+| `hostAliases` | HostAliases provides mapping for ip and hostname,
that would be propagated to pod,
cannot be used with HostNetwork. | _[HostAlias](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#hostalias-v1-core) array_ | false |
+| `hostNetwork` | HostNetwork controls whether the pod may use the node network namespace | _boolean_ | false |
+| `host_aliases` | HostAliasesUnderScore provides mapping for ip and hostname,
that would be propagated to pod,
cannot be used with HostNetwork.
Has Priority over hostAliases field | _[HostAlias](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#hostalias-v1-core) array_ | false |
+| `imagePullSecrets` | ImagePullSecrets An optional list of references to secrets in the same namespace
to use for pulling images from registries
see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod | _[LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#localobjectreference-v1-core) array_ | false |
+| `initContainers` | InitContainers allows adding initContainers to the pod definition.
Any errors during the execution of an initContainer will lead to a restart of the Pod.
More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ | _[Container](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#container-v1-core) array_ | false |
+| `minReadySeconds` | MinReadySeconds defines a minim number os seconds to wait before starting update next pod
if previous in healthy state
Has no effect for VLogs and VMSingle | _integer_ | false |
+| `nodeSelector` | NodeSelector Define which Nodes the Pods are scheduled on. | _object (keys:string, values:string)_ | false |
+| `paused` | Paused If set to true all actions on the underlying managed objects are not
going to be performed, except for delete actions. | _boolean_ | false |
+| `priorityClassName` | PriorityClassName class assigned to the Pods | _string_ | false |
+| `readinessGates` | ReadinessGates defines pod readiness gates | _[PodReadinessGate](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#podreadinessgate-v1-core) array_ | true |
+| `replicaCount` | ReplicaCount is the expected size of the Application. | _integer_ | false |
+| `revisionHistoryLimitCount` | The number of old ReplicaSets to retain to allow rollback in deployment or
maximum number of revisions that will be maintained in the Deployment revision history.
Has no effect at StatefulSets
Defaults to 10. | _integer_ | false |
+| `runtimeClassName` | RuntimeClassName - defines runtime class for kubernetes pod.
https://kubernetes.io/docs/concepts/containers/runtime-class/ | _string_ | false |
+| `schedulerName` | SchedulerName - defines kubernetes scheduler name | _string_ | false |
+| `secrets` | Secrets is a list of Secrets in the same namespace as the Application
object, which shall be mounted into the Application container
at /etc/vm/secrets/SECRET_NAME folder | _string array_ | false |
+| `securityContext` | SecurityContext holds pod-level security attributes and common container settings.
This defaults to the default PodSecurityContext. | _[SecurityContext](#securitycontext)_ | false |
+| `serviceAccountName` | ServiceAccountName is the name of the ServiceAccount to use to run the pods | _string_ | false |
+| `terminationGracePeriodSeconds` | TerminationGracePeriodSeconds period for container graceful termination | _[int64](#int64)_ | false |
+| `tolerations` | Tolerations If specified, the pod's tolerations. | _[Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#toleration-v1-core) array_ | false |
+| `topologySpreadConstraints` | TopologySpreadConstraints embedded kubernetes pod configuration option,
controls how pods are spread across your cluster among failure-domains
such as regions, zones, nodes, and other user-defined topology domains
https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ | _[TopologySpreadConstraint](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#topologyspreadconstraint-v1-core) array_ | false |
+| `volumeMounts` | VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition.
VolumeMounts specified will be appended to other VolumeMounts in the Application container | _[VolumeMount](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#volumemount-v1-core) array_ | false |
+| `volumes` | Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition.
Volumes specified will be appended to other volumes that are generated.
/ +optional | _[Volume](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#volume-v1-core) array_ | true |
+
+
+#### CommonConfigReloaderParams
+
+
+
+
+
+
+
+_Appears in:_
+- [VMAgentSpec](#vmagentspec)
+- [VMAlertSpec](#vmalertspec)
+- [VMAlertmanagerSpec](#vmalertmanagerspec)
+- [VMAuthSpec](#vmauthspec)
+
+| Field | Description | Scheme | Required |
+| --- | --- | --- | --- |
+| `configReloaderExtraArgs` | ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
for example resyncInterval: "30s" | _object (keys:string, values:string)_ | false |
+| `configReloaderImageTag` | ConfigReloaderImageTag defines image:tag for config-reloader container | _string_ | true |
+| `configReloaderResources` | ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
if not defined default resources from operator config will be used | _[ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#resourcerequirements-v1-core)_ | true |
+| `useVMConfigReloader` | UseVMConfigReloader replaces prometheus-like config-reloader
with vm one. It uses secrets watch instead of file watch
which greatly increases speed of config updates | _boolean_ | true |
+
+
+#### CommonDefaultableParams
+
+
+
+CommonDefaultableParams contains Application settings
+with known values populated from operator configuration
+
+
+
+_Appears in:_
+- [VLogsSpec](#vlogsspec)
+- [VMAgentSpec](#vmagentspec)
+- [VMAlertSpec](#vmalertspec)
+- [VMAlertmanagerSpec](#vmalertmanagerspec)
+- [VMAuthSpec](#vmauthspec)
+- [VMSingleSpec](#vmsinglespec)
+
+| Field | Description | Scheme | Required |
+| --- | --- | --- | --- |
+| `disableSelfServiceScrape` | DisableSelfServiceScrape controls creation of VMServiceScrape by operator
for the application.
Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable | _boolean_ | true |
+| `image` | Image - docker image settings
if no specified operator uses default version from operator config | _[Image](#image)_ | false |
+| `port` | Port listen address | _string_ | false |
+| `resources` | Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
if not defined default resources from operator config will be used | _[ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#resourcerequirements-v1-core)_ | false |
+| `useDefaultResources` | UseDefaultResources controls resource settings
By default, operator sets built-in resource requirements | _boolean_ | false |
+| `useStrictSecurity` | UseStrictSecurity enables strict security mode for component
it restricts disk writes access
uses non-root user out of the box
drops not needed security permissions | _boolean_ | false |
+
+
#### ConsulSDConfig
@@ -389,6 +398,26 @@ _Appears in:_
| `tokenRef` | Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
+#### ContainerSecurityContext
+
+
+
+ContainerSecurityContext defines security context for each application container
+
+
+
+_Appears in:_
+- [SecurityContext](#securitycontext)
+
+| Field | Description | Scheme | Required |
+| --- | --- | --- | --- |
+| `allowPrivilegeEscalation` | AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows. | _boolean_ | false |
+| `capabilities` | The capabilities to add/drop when running containers.
Defaults to the default set of capabilities granted by the container runtime.
Note that this field cannot be set when spec.os.name is windows. | _[Capabilities](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#capabilities-v1-core)_ | false |
+| `privileged` | Run containers in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Note that this field cannot be set when spec.os.name is windows. | _boolean_ | false |
+| `procMount` | procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows. | _[ProcMountType](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#procmounttype-v1-core)_ | false |
+| `readOnlyRootFilesystem` | Whether this containers has a read-only root filesystem.
Default is false.
Note that this field cannot be set when spec.os.name is windows. | _boolean_ | false |
+
+
#### DNSSDConfig
@@ -454,21 +483,6 @@ _Appears in:_
| `webhook_url_secret` | URLSecret defines secret name and key at the CRD namespace.
It must contain the webhook URL.
one of `urlSecret` and `url` must be defined. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
-#### DiscoverySelector
-
-
-
-DiscoverySelector can be used at CRD components discovery
-
-
-
-_Appears in:_
-- [VMAlertNotifierSpec](#vmalertnotifierspec)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `labelSelector` | | _[LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#labelselector-v1-meta)_ | true |
-| `namespaceSelector` | | _[NamespaceSelector](#namespaceselector)_ | true |
#### EC2Filter
@@ -541,30 +555,11 @@ _Appears in:_
| `to` | The email address to send notifications to. | _string_ | false |
-#### EmbeddedHPA
-
-
-
-EmbeddedHPA embeds HorizontalPodAutoScaler spec v2.
-https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2/
-
-
-
-_Appears in:_
-- [VMInsert](#vminsert)
-- [VMSelect](#vmselect)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `behaviour` | | _[HorizontalPodAutoscalerBehavior](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#horizontalpodautoscalerbehavior-v2beta2-autoscaling)_ | true |
-| `maxReplicas` | | _integer_ | true |
-| `metrics` | | _[MetricSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#metricspec-v2beta2-autoscaling) array_ | true |
-| `minReplicas` | | _integer_ | true |
#### EmbeddedIngress
-
+_Underlying type:_ _[struct{ClassName *string "json:\"class_name,omitempty\""; EmbeddedObjectMetadata "json:\",inline\""; TlsHosts []string "json:\"tlsHosts,omitempty\""; TlsSecretName string "json:\"tlsSecretName,omitempty\""; ExtraRules []k8s.io/api/networking/v1.IngressRule "json:\"extraRules,omitempty\""; ExtraTLS []k8s.io/api/networking/v1.IngressTLS "json:\"extraTls,omitempty\""; Host string "json:\"host,omitempty\""}](#struct{classname-*string-"json:\"class_name,omitempty\"";-embeddedobjectmetadata-"json:\",inline\"";-tlshosts-[]string-"json:\"tlshosts,omitempty\"";-tlssecretname-string-"json:\"tlssecretname,omitempty\"";-extrarules-[]k8sioapinetworkingv1ingressrule-"json:\"extrarules,omitempty\"";-extratls-[]k8sioapinetworkingv1ingresstls-"json:\"extratls,omitempty\"";-host-string-"json:\"host,omitempty\""})_
EmbeddedIngress describes ingress configuration options.
@@ -573,22 +568,11 @@ EmbeddedIngress describes ingress configuration options.
_Appears in:_
- [VMAuthSpec](#vmauthspec)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `annotations` | Annotations is an unstructured key value map stored with a resource that may be
set by external tools to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations | _object (keys:string, values:string)_ | false |
-| `class_name` | ClassName defines ingress class name for VMAuth | _string_ | false |
-| `extraRules` | ExtraRules - additional rules for ingress,
must be checked for correctness by user. | _[IngressRule](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#ingressrule-v1-networking) array_ | false |
-| `extraTls` | ExtraTLS - additional TLS configuration for ingress
must be checked for correctness by user. | _[IngressTLS](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#ingresstls-v1-networking) array_ | false |
-| `host` | Host defines ingress host parameter for default rule
It will be used, only if TlsHosts is empty | _string_ | false |
-| `labels` | Labels Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels | _object (keys:string, values:string)_ | false |
-| `name` | Name must be unique within a namespace. Is required when creating resources, although
some resources may allow a client to request the generation of an appropriate name
automatically. Name is primarily intended for creation idempotence and configuration
definition.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names | _string_ | false |
-| `tlsHosts` | TlsHosts configures TLS access for ingress, tlsSecretName must be defined for it. | _string array_ | true |
-| `tlsSecretName` | TlsSecretName defines secretname at the VMAuth namespace with cert and key
https://kubernetes.io/docs/concepts/services-networking/ingress/#tls | _string_ | false |
#### EmbeddedObjectMetadata
-
+_Underlying type:_ _[struct{Name string "json:\"name,omitempty\" protobuf:\"bytes,1,opt,name=name\""; Labels map[string]string "json:\"labels,omitempty\" protobuf:\"bytes,11,rep,name=labels\""; Annotations map[string]string "json:\"annotations,omitempty\" protobuf:\"bytes,12,rep,name=annotations\""}](#struct{name-string-"json:\"name,omitempty\"-protobuf:\"bytes,1,opt,name=name\"";-labels-map[string]string-"json:\"labels,omitempty\"-protobuf:\"bytes,11,rep,name=labels\"";-annotations-map[string]string-"json:\"annotations,omitempty\"-protobuf:\"bytes,12,rep,name=annotations\""})_
EmbeddedObjectMetadata contains a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta
Only fields which are relevant to embedded resources are included.
@@ -596,47 +580,21 @@ Only fields which are relevant to embedded resources are included.
_Appears in:_
-- [AdditionalServiceSpec](#additionalservicespec)
-- [EmbeddedIngress](#embeddedingress)
- [EmbeddedPersistentVolumeClaim](#embeddedpersistentvolumeclaim)
- [VLogsSpec](#vlogsspec)
- [VMAgentSpec](#vmagentspec)
- [VMAlertSpec](#vmalertspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
- [VMAuthSpec](#vmauthspec)
-- [VMInsert](#vminsert)
-- [VMSelect](#vmselect)
- [VMSingleSpec](#vmsinglespec)
-- [VMStorage](#vmstorage)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `annotations` | Annotations is an unstructured key value map stored with a resource that may be
set by external tools to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations | _object (keys:string, values:string)_ | false |
-| `labels` | Labels Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels | _object (keys:string, values:string)_ | false |
-| `name` | Name must be unique within a namespace. Is required when creating resources, although
some resources may allow a client to request the generation of an appropriate name
automatically. Name is primarily intended for creation idempotence and configuration
definition.
Cannot be updated.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names | _string_ | false |
-
-
-#### EmbeddedPersistentVolumeClaim
-EmbeddedPersistentVolumeClaim is an embedded version of k8s.io/api/core/v1.PersistentVolumeClaim.
-It contains TypeMeta and a reduced ObjectMeta.
-
-
-
-_Appears in:_
-- [StorageSpec](#storagespec)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `metadata` | Refer to Kubernetes API documentation for fields of `metadata`. | _[EmbeddedObjectMetadata](#embeddedobjectmetadata)_ | false |
-| `spec` | Spec defines the desired characteristics of a volume requested by a pod author.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims | _[PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#persistentvolumeclaimspec-v1-core)_ | false |
#### EmbeddedPodDisruptionBudgetSpec
-
+_Underlying type:_ _[struct{MinAvailable *k8s.io/apimachinery/pkg/util/intstr.IntOrString "json:\"minAvailable,omitempty\""; MaxUnavailable *k8s.io/apimachinery/pkg/util/intstr.IntOrString "json:\"maxUnavailable,omitempty\""; SelectorLabels map[string]string "json:\"selectorLabels,omitempty\""}](#struct{minavailable-*k8sioapimachinerypkgutilintstrintorstring-"json:\"minavailable,omitempty\"";-maxunavailable-*k8sioapimachinerypkgutilintstrintorstring-"json:\"maxunavailable,omitempty\"";-selectorlabels-map[string]string-"json:\"selectorlabels,omitempty\""})_
@@ -647,20 +605,12 @@ _Appears in:_
- [VMAlertSpec](#vmalertspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
- [VMAuthSpec](#vmauthspec)
-- [VMInsert](#vminsert)
-- [VMSelect](#vmselect)
-- [VMStorage](#vmstorage)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `maxUnavailable` | An eviction is allowed if at most "maxUnavailable" pods selected by
"selector" are unavailable after the eviction, i.e. even in absence of
the evicted pod. For example, one can prevent all voluntary evictions
by specifying 0. This is a mutually exclusive setting with "minAvailable". | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#intorstring-intstr-util)_ | false |
-| `minAvailable` | An eviction is allowed if at least "minAvailable" pods selected by
"selector" will still be available after the eviction, i.e. even in the
absence of the evicted pod. So for example you can prevent all voluntary
evictions by specifying "100%". | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#intorstring-intstr-util)_ | false |
-| `selectorLabels` | replaces default labels selector generated by operator
it's useful when you need to create custom budget | _object (keys:string, values:string)_ | false |
#### EmbeddedProbes
-
+_Underlying type:_ _[struct{LivenessProbe *k8s.io/api/core/v1.Probe "json:\"livenessProbe,omitempty\""; ReadinessProbe *k8s.io/api/core/v1.Probe "json:\"readinessProbe,omitempty\""; StartupProbe *k8s.io/api/core/v1.Probe "json:\"startupProbe,omitempty\""}](#struct{livenessprobe-*k8sioapicorev1probe-"json:\"livenessprobe,omitempty\"";-readinessprobe-*k8sioapicorev1probe-"json:\"readinessprobe,omitempty\"";-startupprobe-*k8sioapicorev1probe-"json:\"startupprobe,omitempty\""})_
EmbeddedProbes - it allows to override some probe params.
its not necessary to specify all options,
@@ -674,56 +624,10 @@ _Appears in:_
- [VMAlertSpec](#vmalertspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
- [VMAuthSpec](#vmauthspec)
-- [VMInsert](#vminsert)
-- [VMSelect](#vmselect)
- [VMSingleSpec](#vmsinglespec)
-- [VMStorage](#vmstorage)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `livenessProbe` | LivenessProbe that will be added CRD pod | _[Probe](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#probe-v1-core)_ | false |
-| `readinessProbe` | ReadinessProbe that will be added CRD pod | _[Probe](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#probe-v1-core)_ | false |
-| `startupProbe` | StartupProbe that will be added to CRD pod | _[Probe](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#probe-v1-core)_ | false |
-
-
-#### Endpoint
-Endpoint defines a scrapeable endpoint serving metrics.
-
-
-
-_Appears in:_
-- [VMServiceScrapeSpec](#vmservicescrapespec)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `attach_metadata` | AttachMetadata configures metadata attaching from service discovery | _[AttachMetadata](#attachmetadata)_ | false |
-| `authorization` | Authorization with http header Authorization | _[Authorization](#authorization)_ | false |
-| `basicAuth` | BasicAuth allow an endpoint to authenticate over basic authentication | _[BasicAuth](#basicauth)_ | false |
-| `bearerTokenFile` | File to read bearer token for scraping targets. | _string_ | false |
-| `bearerTokenSecret` | Secret to mount to read bearer token for scraping targets. The secret
needs to be in the same namespace as the scrape object and accessible by
the victoria-metrics operator. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | false |
-| `follow_redirects` | FollowRedirects controls redirects for scraping. | _boolean_ | false |
-| `honorLabels` | HonorLabels chooses the metric's labels on collisions with target labels. | _boolean_ | false |
-| `honorTimestamps` | HonorTimestamps controls whether vmagent respects the timestamps present in scraped data. | _boolean_ | false |
-| `interval` | Interval at which metrics should be scraped | _string_ | false |
-| `max_scrape_size` | MaxScrapeSize defines a maximum size of scraped data for a job | _string_ | false |
-| `metricRelabelConfigs` | MetricRelabelConfigs to apply to samples after scrapping. | _[RelabelConfig](#relabelconfig) array_ | false |
-| `oauth2` | OAuth2 defines auth configuration | _[OAuth2](#oauth2)_ | false |
-| `params` | Optional HTTP URL parameters | _object (keys:string, values:string array)_ | false |
-| `path` | HTTP path to scrape for metrics. | _string_ | false |
-| `port` | Name of the port exposed at Service. | _string_ | false |
-| `proxyURL` | ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint. | _string_ | false |
-| `relabelConfigs` | RelabelConfigs to apply to samples during service discovery. | _[RelabelConfig](#relabelconfig) array_ | false |
-| `sampleLimit` | SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. | _integer_ | false |
-| `scheme` | HTTP scheme to use for scraping. | _string_ | false |
-| `scrapeTimeout` | Timeout after which the scrape is ended | _string_ | false |
-| `scrape_interval` | ScrapeInterval is the same as Interval and has priority over it.
one of scrape_interval or interval can be used | _string_ | false |
-| `seriesLimit` | SeriesLimit defines per-scrape limit on number of unique time series
a single target can expose during all the scrapes on the time window of 24h. | _integer_ | false |
-| `targetPort` | TargetPort
Name or number of the pod port this endpoint refers to. Mutually exclusive with port. | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#intorstring-intstr-util)_ | false |
-| `tlsConfig` | TLSConfig configuration to use when scraping the endpoint | _[TLSConfig](#tlsconfig)_ | false |
-| `vm_scrape_params` | VMScrapeParams defines VictoriaMetrics specific scrape parameters | _[VMScrapeParams](#vmscrapeparams)_ | false |
#### EndpointAuth
@@ -854,7 +758,7 @@ _Appears in:_
#### HTTPAuth
-
+_Underlying type:_ _[struct{BasicAuth *BasicAuth "json:\"basicAuth,omitempty\""; OAuth2 *OAuth2 "json:\"oauth2,omitempty\""; TLSConfig *TLSConfig "json:\"tlsConfig,omitempty\""; *BearerAuth "json:\",inline,omitempty\""; Headers []string "json:\"headers,omitempty\""}](#struct{basicauth-*basicauth-"json:\"basicauth,omitempty\"";-oauth2-*oauth2-"json:\"oauth2,omitempty\"";-tlsconfig-*tlsconfig-"json:\"tlsconfig,omitempty\"";-*bearerauth-"json:\",inline,omitempty\"";-headers-[]string-"json:\"headers,omitempty\""})_
HTTPAuth generic auth used with http protocols
@@ -862,16 +766,7 @@ HTTPAuth generic auth used with http protocols
_Appears in:_
- [VMAlertDatasourceSpec](#vmalertdatasourcespec)
-- [VMAlertNotifierSpec](#vmalertnotifierspec)
-- [VMAlertRemoteReadSpec](#vmalertremotereadspec)
-- [VMAlertRemoteWriteSpec](#vmalertremotewritespec)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `basicAuth` | | _[BasicAuth](#basicauth)_ | false |
-| `headers` | Headers allow configuring custom http headers
Must be in form of semicolon separated header with value
e.g.
headerName:headerValue
vmalert supports it since 1.79.0 version | _string array_ | false |
-| `oauth2` | | _[OAuth2](#oauth2)_ | false |
-| `tlsConfig` | | _[TLSConfig](#tlsconfig)_ | false |
#### HTTPConfig
@@ -932,29 +827,22 @@ _Appears in:_
#### Image
-
+_Underlying type:_ _[struct{Repository string "json:\"repository,omitempty\""; Tag string "json:\"tag,omitempty\""; PullPolicy k8s.io/api/core/v1.PullPolicy "json:\"pullPolicy,omitempty\""}](#struct{repository-string-"json:\"repository,omitempty\"";-tag-string-"json:\"tag,omitempty\"";-pullpolicy-k8sioapicorev1pullpolicy-"json:\"pullpolicy,omitempty\""})_
Image defines docker image settings
_Appears in:_
+- [CommonDefaultableParams](#commondefaultableparams)
- [VLogsSpec](#vlogsspec)
- [VMAgentSpec](#vmagentspec)
- [VMAlertSpec](#vmalertspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
- [VMAuthSpec](#vmauthspec)
- [VMBackup](#vmbackup)
-- [VMInsert](#vminsert)
-- [VMSelect](#vmselect)
- [VMSingleSpec](#vmsinglespec)
-- [VMStorage](#vmstorage)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `pullPolicy` | PullPolicy describes how to pull docker image | _[PullPolicy](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#pullpolicy-v1-core)_ | true |
-| `repository` | Repository contains name of docker image + it's repository if needed | _string_ | true |
-| `tag` | Tag contains desired docker image version | _string_ | true |
#### ImageConfig
@@ -1000,7 +888,7 @@ _Appears in:_
#### InsertPorts
-
+_Underlying type:_ _[struct{GraphitePort string "json:\"graphitePort,omitempty\""; InfluxPort string "json:\"influxPort,omitempty\""; OpenTSDBHTTPPort string "json:\"openTSDBHTTPPort,omitempty\""; OpenTSDBPort string "json:\"openTSDBPort,omitempty\""}](#struct{graphiteport-string-"json:\"graphiteport,omitempty\"";-influxport-string-"json:\"influxport,omitempty\"";-opentsdbhttpport-string-"json:\"opentsdbhttpport,omitempty\"";-opentsdbport-string-"json:\"opentsdbport,omitempty\""})_
@@ -1008,15 +896,8 @@ _Appears in:_
_Appears in:_
- [VMAgentSpec](#vmagentspec)
-- [VMInsert](#vminsert)
- [VMSingleSpec](#vmsinglespec)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `graphitePort` | GraphitePort listen port | _string_ | false |
-| `influxPort` | InfluxPort listen port | _string_ | false |
-| `openTSDBHTTPPort` | OpenTSDBHTTPPort for http connections. | _string_ | false |
-| `openTSDBPort` | OpenTSDBPort for tcp and udp listen | _string_ | false |
#### K8SSelectorConfig
@@ -1069,7 +950,7 @@ _Appears in:_
#### License
-
+_Underlying type:_ _[struct{Key *string "json:\"key,omitempty\""; KeyRef *k8s.io/api/core/v1.SecretKeySelector "json:\"keyRef,omitempty\""}](#struct{key-*string-"json:\"key,omitempty\"";-keyref-*k8sioapicorev1secretkeyselector-"json:\"keyref,omitempty\""})_
License holds license key for enterprise features.
Using license key is supported starting from VictoriaMetrics v1.94.0.
@@ -1084,10 +965,6 @@ _Appears in:_
- [VMClusterSpec](#vmclusterspec)
- [VMSingleSpec](#vmsinglespec)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `key` | Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise).
To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) | _string_ | true |
-| `keyRef` | KeyRef is reference to secret with license key for enterprise features. | _[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | true |
#### LinkConfig
@@ -1161,7 +1038,6 @@ _Appears in:_
- [DiscoverySelector](#discoveryselector)
- [ProbeTargetIngress](#probetargetingress)
- [VMPodScrapeSpec](#vmpodscrapespec)
-- [VMServiceScrapeSpec](#vmservicescrapespec)
| Field | Description | Scheme | Required |
| --- | --- | --- | --- |
@@ -1182,16 +1058,10 @@ _Appears in:_
- [DigitalOceanSDConfig](#digitaloceansdconfig)
- [Endpoint](#endpoint)
- [EndpointAuth](#endpointauth)
-- [HTTPAuth](#httpauth)
- [HTTPConfig](#httpconfig)
- [KubernetesSDConfig](#kubernetessdconfig)
- [PodMetricsEndpoint](#podmetricsendpoint)
- [TargetEndpoint](#targetendpoint)
-- [VMAgentRemoteWriteSpec](#vmagentremotewritespec)
-- [VMAlertDatasourceSpec](#vmalertdatasourcespec)
-- [VMAlertNotifierSpec](#vmalertnotifierspec)
-- [VMAlertRemoteReadSpec](#vmalertremotereadspec)
-- [VMAlertRemoteWriteSpec](#vmalertremotewritespec)
- [VMNodeScrapeSpec](#vmnodescrapespec)
- [VMProbeSpec](#vmprobespec)
- [VMScrapeConfigSpec](#vmscrapeconfigspec)
@@ -1479,7 +1349,6 @@ _Appears in:_
- [ProbeTargetIngress](#probetargetingress)
- [StreamAggrRule](#streamaggrrule)
- [TargetEndpoint](#targetendpoint)
-- [VMAgentRemoteWriteSpec](#vmagentremotewritespec)
- [VMAgentSpec](#vmagentspec)
- [VMNodeScrapeSpec](#vmnodescrapespec)
- [VMProbeSpec](#vmprobespec)
@@ -1604,6 +1473,8 @@ _Appears in:_
+
+
#### Sigv4Config
@@ -1792,7 +1663,7 @@ _Appears in:_
#### StorageSpec
-
+_Underlying type:_ _[struct{DisableMountSubPath bool "json:\"disableMountSubPath,omitempty\""; EmptyDir *k8s.io/api/core/v1.EmptyDirVolumeSource "json:\"emptyDir,omitempty\""; VolumeClaimTemplate EmbeddedPersistentVolumeClaim "json:\"volumeClaimTemplate,omitempty\""}](#struct{disablemountsubpath-bool-"json:\"disablemountsubpath,omitempty\"";-emptydir-*k8sioapicorev1emptydirvolumesource-"json:\"emptydir,omitempty\"";-volumeclaimtemplate-embeddedpersistentvolumeclaim-"json:\"volumeclaimtemplate,omitempty\""})_
StorageSpec defines the configured storage for a group Prometheus servers.
If neither `emptyDir` nor `volumeClaimTemplate` is specified, then by default an [EmptyDir](https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) will be used.
@@ -1802,69 +1673,23 @@ If neither `emptyDir` nor `volumeClaimTemplate` is specified, then by default an
_Appears in:_
- [VMAgentSpec](#vmagentspec)
- [VMAlertmanagerSpec](#vmalertmanagerspec)
-- [VMSelect](#vmselect)
-- [VMStorage](#vmstorage)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `disableMountSubPath` | Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary.
DisableMountSubPath allows to remove any subPath usage in volume mounts. | _boolean_ | false |
-| `emptyDir` | EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More
info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir | _[EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#emptydirvolumesource-v1-core)_ | false |
-| `volumeClaimTemplate` | A PVC spec to be used by the VMAlertManager StatefulSets. | _[EmbeddedPersistentVolumeClaim](#embeddedpersistentvolumeclaim)_ | false |
#### StreamAggrConfig
-
+_Underlying type:_ _[struct{Rules []StreamAggrRule "json:\"rules\""; RuleConfigMap *k8s.io/api/core/v1.ConfigMapKeySelector "json:\"configmap,omitempty\""; KeepInput bool "json:\"keepInput,omitempty\""; DropInput bool "json:\"dropInput,omitempty\""; DedupInterval string "json:\"dedupInterval,omitempty\""; DropInputLabels []string "json:\"dropInputLabels,omitempty\""; IgnoreFirstIntervals int "json:\"ignoreFirstIntervals,omitempty\""; IgnoreOldSamples bool "json:\"ignoreOldSamples,omitempty\""}](#struct{rules-[]streamaggrrule-"json:\"rules\"";-ruleconfigmap-*k8sioapicorev1configmapkeyselector-"json:\"configmap,omitempty\"";-keepinput-bool-"json:\"keepinput,omitempty\"";-dropinput-bool-"json:\"dropinput,omitempty\"";-dedupinterval-string-"json:\"dedupinterval,omitempty\"";-dropinputlabels-[]string-"json:\"dropinputlabels,omitempty\"";-ignorefirstintervals-int-"json:\"ignorefirstintervals,omitempty\"";-ignoreoldsamples-bool-"json:\"ignoreoldsamples,omitempty\""})_
StreamAggrConfig defines the stream aggregation config
_Appears in:_
-- [VMAgentRemoteWriteSpec](#vmagentremotewritespec)
- [VMAgentSpec](#vmagentspec)
- [VMSingleSpec](#vmsinglespec)
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `configmap` | ConfigMap with stream aggregation rules | _[ConfigMapKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#configmapkeyselector-v1-core)_ | false |
-| `dedupInterval` | Allows setting different de-duplication intervals per each configured remote storage | _string_ | false |
-| `dropInput` | Allow drop all the input samples after the aggregation | _boolean_ | false |
-| `dropInputLabels` | labels to drop from samples for aggregator before stream de-duplication and aggregation | _string array_ | false |
-| `ignoreFirstIntervals` | | _integer_ | true |
-| `ignoreOldSamples` | IgnoreOldSamples instructs to ignore samples with old timestamps outside the current aggregation interval. | _boolean_ | false |
-| `keepInput` | Allows writing both raw and aggregate data | _boolean_ | false |
-| `rules` | Stream aggregation rules | _[StreamAggrRule](#streamaggrrule) array_ | false |
-#### StreamAggrRule
-
-
-
-StreamAggrRule defines the rule in stream aggregation config
-
-
-
-_Appears in:_
-- [StreamAggrConfig](#streamaggrconfig)
-
-| Field | Description | Scheme | Required |
-| --- | --- | --- | --- |
-| `by` | By is an optional list of labels for grouping input series.
See also Without.
If neither By nor Without are set, then the Outputs are calculated
individually per each input time series. | _string array_ | false |
-| `dedup_interval` | DedupInterval is an optional interval for deduplication. | _string_ | false |
-| `drop_input_labels` | DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples.
Labels are dropped before de-duplication and aggregation. | _string_ | false |
-| `flush_on_shutdown` | FlushOnShutdown defines whether to flush the aggregation state on process termination
or config reload. Is `false` by default.
It is not recommended changing this setting, unless unfinished aggregations states
are preferred to missing data points. | _boolean_ | false |
-| `ignore_first_intervals` | | _integer_ | true |
-| `ignore_old_samples` | IgnoreOldSamples instructs to ignore samples with old timestamps outside the current aggregation interval. | _boolean_ | false |
-| `input_relabel_configs` | InputRelabelConfigs is an optional relabeling rules, which are applied on the input
before aggregation. | _[RelabelConfig](#relabelconfig) array_ | false |
-| `interval` | Interval is the interval between aggregations. | _string_ | true |
-| `keep_metric_names` | KeepMetricNames instructs to leave metric names as is for the output time series without adding any suffix. | _boolean_ | false |
-| `match` | Match is a label selector (or list of label selectors) for filtering time series for the given selector.
If the match isn't set, then all the input time series are processed. | _[StringOrArray](#stringorarray)_ | false |
-| `no_align_flush_to_interval` | NoAlignFlushToInterval disables aligning of flushes to multiples of Interval.
By default flushes are aligned to Interval. | _boolean_ | false |
-| `output_relabel_configs` | OutputRelabelConfigs is an optional relabeling rules, which are applied
on the aggregated output before being sent to remote storage. | _[RelabelConfig](#relabelconfig) array_ | false |
-| `outputs` | Outputs is a list of output aggregate functions to produce.
The following names are allowed:
- total - aggregates input counters
- increase - counts the increase over input counters
- count_series - counts the input series
- count_samples - counts the input samples
- sum_samples - sums the input samples
- last - the last biggest sample value
- min - the minimum sample value
- max - the maximum sample value
- avg - the average value across all the samples
- stddev - standard deviation across all the samples
- stdvar - standard variance across all the samples
- histogram_bucket - creates VictoriaMetrics histogram for input samples
- quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1]
The output time series will have the following names:
input_name:aggr__