prometheus-adapter
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
affinity: {}
2
topologySpreadConstraints: []
3
# Override the name of the chart
4
nameOverride: ""
5
# Override the full name of the release
6
fullnameOverride: ""
7
image:
8
repository: cgr.dev/chainguard-private/prometheus-adapter
9
# if not set appVersion field from Chart.yaml is used
10
tag: latest@sha256:105f5295fda94de97a2b98143490cc4c0ac6b1db240947a88c5c04255accdeed
11
pullPolicy: IfNotPresent
12
pullSecrets: []
13
# - foo
14
logLevel: 4
15
metricsRelistInterval: 1m
16
listenPort: 6443
17
nodeSelector: {}
18
priorityClassName: ""
19
## Override the release namespace (for multi-namespace deployments in combined charts)
20
namespaceOverride: ""
21
## Additional annotations to add to all resources
22
customAnnotations: {}
23
# role: custom-metrics
24
25
## Additional labels to add to all resources
26
customLabels: {}
27
# monitoring: prometheus-adapter
28
29
# Url to access prometheus
30
prometheus:
31
# Value is templated
32
url: http://prometheus.default.svc
33
port: 9090
34
path: ""
35
replicas: 1
36
# k8s 1.21 needs fsGroup to be set for non root deployments
37
# ref: https://github.com/kubernetes/kubernetes/issues/70679
38
podSecurityContext:
39
fsGroup: 10001
40
# SecurityContext of the container
41
# ref. https://kubernetes.io/docs/tasks/configure-pod-container/security-context
42
securityContext:
43
allowPrivilegeEscalation: false
44
capabilities:
45
drop: ["ALL"]
46
readOnlyRootFilesystem: true
47
runAsNonRoot: true
48
runAsUser: 10001
49
seccompProfile:
50
type: RuntimeDefault
51
rbac:
52
# Specifies whether RBAC resources should be created
53
create: true
54
# Specifies if a Cluster Role should be used for the Auth Reader
55
useAuthReaderClusterRole: false
56
externalMetrics:
57
resources: ["*"]
58
customMetrics:
59
resources: ["*"]
60
# If false then the user will opt out of automounting API credentials.
61
automountServiceAccountToken: true
62
serviceAccount:
63
# Specifies whether a service account should be created
64
create: true
65
# The name of the service account to use.
66
# If not set and create is true, a name is generated using the fullname template
67
name:
68
# ServiceAccount annotations.
69
# Use case: AWS EKS IAM roles for service accounts
70
# ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
71
annotations: {}
72
# If false then the user will opt out of automounting API credentials.
73
automountServiceAccountToken: true
74
# Custom DNS configuration to be added to prometheus-adapter pods
75
dnsConfig: {}
76
# nameservers:
77
# - 1.2.3.4
78
# searches:
79
# - ns1.svc.cluster-domain.example
80
# - my.dns.search.suffix
81
# options:
82
# - name: ndots
83
# value: "2"
84
# - name: edns0
85
86
resources: {}
87
# requests:
88
# cpu: 100m
89
# memory: 128Mi
90
# limits:
91
# cpu: 100m
92
# memory: 128Mi
93
94
# Configure liveness probe
95
# https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#Probe
96
livenessProbe:
97
httpGet:
98
path: /healthz
99
port: https
100
scheme: HTTPS
101
initialDelaySeconds: 30
102
timeoutSeconds: 5
103
# Configure readiness probe
104
readinessProbe:
105
httpGet:
106
path: /healthz
107
port: https
108
scheme: HTTPS
109
initialDelaySeconds: 30
110
timeoutSeconds: 5
111
# Configure startup probe
112
# Use if prometheus-adapter takes a long time to finish startup e.g. polling a lot of API versions in cluster
113
startupProbe: {}
114
rules:
115
default: true
116
custom: []
117
# - seriesQuery: '{__name__=~"^some_metric_count$"}'
118
# resources:
119
# template: <<.Resource>>
120
# name:
121
# matches: ""
122
# as: "my_custom_metric"
123
# metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
124
125
# Mounts a configMap with pre-generated rules for use. Overrides the
126
# default, custom, external and resource entries
127
existing:
128
external: []
129
# resource:
130
# cpu:
131
# containerQuery: |
132
# sum by (<<.GroupBy>>) (
133
# rate(container_cpu_usage_seconds_total{container!="",<<.LabelMatchers>>}[3m])
134
# )
135
# nodeQuery: |
136
# sum by (<<.GroupBy>>) (
137
# rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",<<.LabelMatchers>>}[3m])
138
# )
139
# resources:
140
# overrides:
141
# node:
142
# resource: node
143
# namespace:
144
# resource: namespace
145
# pod:
146
# resource: pod
147
# containerLabel: container
148
# memory:
149
# containerQuery: |
150
# sum by (<<.GroupBy>>) (
151
# avg_over_time(container_memory_working_set_bytes{container!="",<<.LabelMatchers>>}[3m])
152
# )
153
# nodeQuery: |
154
# sum by (<<.GroupBy>>) (
155
# avg_over_time(node_memory_MemTotal_bytes{<<.LabelMatchers>>}[3m])
156
# -
157
# avg_over_time(node_memory_MemAvailable_bytes{<<.LabelMatchers>>}[3m])
158
# )
159
# resources:
160
# overrides:
161
# node:
162
# resource: node
163
# namespace:
164
# resource: namespace
165
# pod:
166
# resource: pod
167
# containerLabel: container
168
# window: 3m
169
service:
170
annotations: {}
171
port: 443
172
type: ClusterIP
173
# clusterIP: 1.2.3.4
174
ipDualStack:
175
enabled: false
176
ipFamilies: ["IPv6", "IPv4"]
177
ipFamilyPolicy: "PreferDualStack"
178
tls:
179
enable: false
180
ca: |-
181
# Public CA file that signed the APIService
182
key: |-
183
# Private key of the APIService
184
certificate: |-
185
# Public key of the APIService
186
# Set environment variables from secrets, configmaps or by setting them as name/value
187
env: []
188
# - name: TMP_DIR
189
# value: /tmp
190
# - name: PASSWORD
191
# valueFrom:
192
# secretKeyRef:
193
# name: mysecret
194
# key: password
195
# optional: false
196
197
# Any extra arguments
198
extraArguments: []
199
# - --tls-private-key-file=/etc/tls/tls.key
200
# - --tls-cert-file=/etc/tls/tls.crt
201
202
# Additional containers to add to the pod
203
extraContainers: []
204
# Any extra volumes
205
extraVolumes: []
206
# - name: example-name
207
# hostPath:
208
# path: /path/on/host
209
# type: DirectoryOrCreate
210
# - name: ssl-certs
211
# hostPath:
212
# path: /etc/ssl/certs/ca-bundle.crt
213
# type: File
214
215
# Any extra volume mounts
216
extraVolumeMounts: []
217
# - name: example-name
218
# mountPath: /path/in/container
219
# - name: ssl-certs
220
# mountPath: /etc/ssl/certs/ca-certificates.crt
221
# readOnly: true
222
223
tolerations: []
224
# Labels added to the pod
225
podLabels: {}
226
# Annotations added to the pod
227
podAnnotations: {}
228
# Annotations added to the deployment
229
deploymentAnnotations: {}
230
hostNetwork:
231
# Specifies if prometheus-adapter should be started in hostNetwork mode.
232
#
233
# You would require this enabled if you use alternate overlay networking for pods and
234
# API server unable to communicate with metrics-server. As an example, this is required
235
# if you use Weave network on EKS. See also dnsPolicy
236
enabled: false
237
# When hostNetwork is enabled, you probably want to set this to ClusterFirstWithHostNet
238
# dnsPolicy: ClusterFirstWithHostNet
239
240
# Deployment strategy type
241
strategy:
242
type: RollingUpdate
243
rollingUpdate:
244
maxUnavailable: 25%
245
maxSurge: 25%
246
podDisruptionBudget:
247
# Specifies if PodDisruptionBudget should be enabled
248
# When enabled, minAvailable or maxUnavailable should also be defined.
249
enabled: false
250
minAvailable:
251
maxUnavailable: 1
252
# See https://kubernetes.io/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy for possible values
253
unhealthyPodEvictionPolicy:
254
certManager:
255
enabled: false
256
caCertDuration: 43800h0m0s
257
certDuration: 8760h0m0s
258
# -- Set the revisionHistoryLimit on the Certificates. See
259
# https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec
260
# Defaults to nil.
261
caCertRevisionHistoryLimit:
262
certRevisionHistoryLimit:
263
## Extra manifests to deploy as an array
264
extraManifests: []
265
# - apiVersion: v1
266
# kind: ConfigMap
267
# metadata:
268
# labels:
269
# name: prometheus-extra
270
# data:
271
# extra-data: "value"
272
273
# Optional: set revisionHistoryLimit for the Deployment
274
revisionHistoryLimit: 10
275
The trusted source for open source
Talk to an expertCustomers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.