DirectorySecurity AdvisoriesPricing
/
Sign in
Directory
prometheus-alertmanager logoHELM

prometheus-alertmanager

Helm chart
Last changed
Request a free trial

Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.

Overview
Chart versions
Default values
Chart metadata
Images

Tag:
1
# yaml-language-server: $schema=values.schema.json
2
# Default values for alertmanager.
3
# This is a YAML-formatted file.
4
# Declare variables to be passed into your templates.
5
6
replicaCount: 1
7
# Number of old history to retain to allow rollback
8
# Default Kubernetes value is set to 10
9
revisionHistoryLimit: 10
10
image:
11
repository: cgr.dev/chainguard-private/prometheus-alertmanager
12
pullPolicy: IfNotPresent
13
# Overrides the image tag whose default is the chart appVersion.
14
tag: latest
15
# Full external URL where alertmanager is reachable, used for backlinks.
16
baseURL: ""
17
extraArgs: {}
18
## Additional Alertmanager Secret mounts
19
# Defines additional mounts with secrets. Secrets must be manually created in the namespace.
20
extraSecretMounts: []
21
# - name: secret-files
22
# mountPath: /etc/secrets
23
# subPath: ""
24
# secretName: alertmanager-secret-files
25
# readOnly: true
26
27
imagePullSecrets: []
28
nameOverride: ""
29
fullnameOverride: ""
30
## namespaceOverride overrides the namespace which the resources will be deployed in
31
namespaceOverride: ""
32
automountServiceAccountToken: true
33
## Running within a user namespace.
34
# Kubernetes server must be at or later than version v1.25.
35
# Kubernetes v1.25 through to v1.27 recognise UserNamespacesStatelessPodsSupport.
36
# Kubernetes v1.28 through to v1.32 need to enable the UserNamespacesSupport feature gate.
37
hostUsers: false
38
serviceAccount:
39
# Specifies whether a service account should be created
40
create: true
41
# Annotations to add to the service account
42
annotations: {}
43
# The name of the service account to use.
44
# If not set and create is true, a name is generated using the fullname template
45
name: ""
46
# Sets priorityClassName in alertmanager pod
47
priorityClassName: ""
48
# Sets schedulerName in alertmanager pod
49
schedulerName: ""
50
podSecurityContext:
51
fsGroup: 65534
52
dnsConfig: {}
53
# nameservers:
54
# - 1.2.3.4
55
# searches:
56
# - ns1.svc.cluster-domain.example
57
# - my.dns.search.suffix
58
# options:
59
# - name: ndots
60
# value: "2"
61
# - name: edns0
62
hostAliases: []
63
# - ip: "127.0.0.1"
64
# hostnames:
65
# - "foo.local"
66
# - "bar.local"
67
# - ip: "10.1.2.3"
68
# hostnames:
69
# - "foo.remote"
70
# - "bar.remote"
71
securityContext:
72
# capabilities:
73
# drop:
74
# - ALL
75
# readOnlyRootFilesystem: true
76
runAsUser: 65534
77
runAsNonRoot: true
78
runAsGroup: 65534
79
additionalPeers: []
80
## Additional InitContainers to initialize the pod
81
##
82
extraInitContainers: []
83
## Additional containers to add to the stateful set. This will allow to setup sidecarContainers like a proxy to integrate
84
## alertmanager with an external tool like teams that has not direct integration.
85
##
86
extraContainers: []
87
containerPortName: &containerPortName http
88
livenessProbe:
89
httpGet:
90
path: /
91
port: *containerPortName
92
readinessProbe:
93
httpGet:
94
path: /
95
port: *containerPortName
96
service:
97
annotations: {}
98
labels: {}
99
type: ClusterIP
100
port: 9093
101
clusterPort: 9094
102
loadBalancerIP: "" # Assign ext IP when Service type is LoadBalancer
103
loadBalancerSourceRanges: [] # Only allow access to loadBalancerIP from these IPs
104
# if you want to force a specific nodePort. Must be use with service.type=NodePort
105
# nodePort:
106
107
# Optionally specify extra list of additional ports exposed on both services
108
extraPorts: []
109
# ip dual stack
110
ipDualStack:
111
enabled: false
112
ipFamilies: ["IPv6", "IPv4"]
113
ipFamilyPolicy: "PreferDualStack"
114
# Configuration for creating a separate Service for each statefulset Alertmanager replica
115
#
116
servicePerReplica:
117
enabled: false
118
annotations: {}
119
# Loadbalancer source IP ranges
120
# Only used if servicePerReplica.type is "LoadBalancer"
121
loadBalancerSourceRanges: []
122
# Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
123
#
124
externalTrafficPolicy: Cluster
125
# Service type
126
#
127
type: ClusterIP
128
ingress:
129
enabled: false
130
className: ""
131
labels: {}
132
annotations: {}
133
# kubernetes.io/ingress.class: nginx
134
# kubernetes.io/tls-acme: "true"
135
hosts:
136
- host: alertmanager.domain.com
137
paths:
138
- path: /
139
pathType: ImplementationSpecific
140
tls: []
141
# - secretName: chart-example-tls
142
# hosts:
143
# - alertmanager.domain.com
144
# Configuration for creating an Ingress that will map to each Alertmanager replica service
145
# alertmanager.servicePerReplica must be enabled
146
#
147
ingressPerReplica:
148
enabled: false
149
# className for the ingresses
150
#
151
className: ""
152
annotations: {}
153
labels: {}
154
# Final form of the hostname for each per replica ingress is
155
# {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
156
#
157
# Prefix for the per replica ingress that will have `-$replicaNumber`
158
# appended to the end
159
hostPrefix: "alertmanager"
160
# Domain that will be used for the per replica ingress
161
hostDomain: "domain.com"
162
# Paths to use for ingress rules
163
#
164
paths:
165
- /
166
# PathType for ingress rules
167
#
168
pathType: ImplementationSpecific
169
# Secret name containing the TLS certificate for alertmanager per replica ingress
170
# Secret must be manually created in the namespace
171
tlsSecretName: ""
172
# Separated secret for each per replica Ingress. Can be used together with cert-manager
173
#
174
tlsSecretPerReplica:
175
enabled: false
176
# Final form of the secret for each per replica ingress is
177
# {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
178
#
179
prefix: "alertmanager"
180
resources: {}
181
# We usually recommend not to specify default resources and to leave this as a conscious
182
# choice for the user. This also increases chances charts run on environments with little
183
# resources, such as Minikube. If you do want to specify resources, uncomment the following
184
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
185
# limits:
186
# cpu: 100m
187
# memory: 128Mi
188
# requests:
189
# cpu: 10m
190
# memory: 32Mi
191
192
nodeSelector: {}
193
tolerations: []
194
affinity: {}
195
## Pod anti-affinity can prevent the scheduler from placing Alertmanager replicas on the same node.
196
## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
197
## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
198
## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
199
##
200
podAntiAffinity: ""
201
## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
202
## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
203
##
204
podAntiAffinityTopologyKey: kubernetes.io/hostname
205
## Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in.
206
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
207
topologySpreadConstraints: []
208
# - maxSkew: 1
209
# topologyKey: failure-domain.beta.kubernetes.io/zone
210
# whenUnsatisfiable: DoNotSchedule
211
# labelSelector:
212
# matchLabels:
213
# app.kubernetes.io/instance: alertmanager
214
215
statefulSet:
216
annotations: {}
217
## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
218
## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
219
## This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds
220
## feature gate.
221
## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#minimum-ready-seconds
222
minReadySeconds: 0
223
podAnnotations: {}
224
podLabels: {}
225
# Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
226
podDisruptionBudget: {}
227
# maxUnavailable: 1
228
# minAvailable: 1
229
230
command: []
231
persistence:
232
## If true, storage will create or use Persistence Volume
233
## If false, storage will use emptyDir
234
##
235
enabled: true
236
## Custom annotations for the PVC created by the alertmanager StatefulSet.
237
## Useful for configuring storage provider options such as disk type, KMS encryption keys, or custom volume name prefixes.
238
annotations: {}
239
## Custom labels for the PVC created by the alertmanager StatefulSet.
240
## Useful for selecting, grouping, and organizing so that they can be queried or targeted in deployments, policies, etc.
241
labels: {}
242
## Persistent Volume Storage Class
243
## If defined, storageClassName: <storageClass>
244
## If set to "-", storageClassName: "", which disables dynamic provisioning
245
## If undefined (the default) or set to null, no storageClassName spec is
246
## set, choosing the default provisioner.
247
##
248
# storageClass: "-"
249
accessModes:
250
- ReadWriteOnce
251
size: 50Mi
252
## Configure emptyDir volume
253
##
254
emptyDir: {}
255
configAnnotations: {}
256
## For example if you want to provide private data from a secret vault
257
## https://github.com/banzaicloud/bank-vaults/tree/main/charts/vault-secrets-webhook
258
## P.s.: Add option `configMapMutation: true` for vault-secrets-webhook
259
# vault.security.banzaicloud.io/vault-role: "admin"
260
# vault.security.banzaicloud.io/vault-addr: "https://vault.vault.svc.cluster.local:8200"
261
# vault.security.banzaicloud.io/vault-skip-verify: "true"
262
# vault.security.banzaicloud.io/vault-path: "kubernetes"
263
## Example for inject secret
264
# slack_api_url: '${vault:secret/data/slack-hook-alerts#URL}'
265
266
config:
267
enabled: true
268
global: {}
269
# slack_api_url: ''
270
271
templates:
272
- '/etc/alertmanager/*.tmpl'
273
receivers:
274
- name: default-receiver
275
# slack_configs:
276
# - channel: '@you'
277
# send_resolved: true
278
route:
279
group_wait: 10s
280
group_interval: 5m
281
receiver: default-receiver
282
repeat_interval: 3h
283
## Monitors ConfigMap changes and POSTs to a URL
284
## Ref: https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader
285
##
286
configmapReload:
287
## If false, the configmap-reload container will not be deployed
288
##
289
enabled: false
290
## configmap-reload container name
291
##
292
name: configmap-reload
293
## configmap-reload container image
294
##
295
image:
296
repository: cgr.dev/chainguard-private/prometheus-config-reloader
297
tag: latest
298
pullPolicy: IfNotPresent
299
# containerPort: 9533
300
301
## configmap-reload resource requests and limits
302
## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
303
##
304
resources: {}
305
livenessProbe: {}
306
# httpGet:
307
# path: /healthz
308
# port: 8080
309
# scheme: HTTP
310
readinessProbe: {}
311
# httpGet:
312
# path: /healthz
313
# port: 8080
314
# scheme: HTTP
315
316
extraArgs: {}
317
## Optionally specify extra list of additional volumeMounts
318
extraVolumeMounts: []
319
# - name: extras
320
# mountPath: /usr/share/extras
321
# readOnly: true
322
323
## Optionally specify extra environment variables to add to alertmanager container
324
extraEnv: []
325
# - name: FOO
326
# value: BAR
327
328
securityContext: {}
329
# capabilities:
330
# drop:
331
# - ALL
332
# readOnlyRootFilesystem: true
333
# runAsUser: 65534
334
# runAsNonRoot: true
335
# runAsGroup: 65534
336
templates: {}
337
# alertmanager.tmpl: |-
338
339
## Optionally specify extra list of additional volumeMounts
340
extraVolumeMounts: []
341
# - name: extras
342
# mountPath: /usr/share/extras
343
# readOnly: true
344
345
## Optionally specify extra list of additional volumes
346
extraVolumes: []
347
# - name: extras
348
# emptyDir: {}
349
350
## Optionally specify extra environment variables to add to alertmanager container
351
extraEnv: []
352
# - name: FOO
353
# value: BAR
354
355
testFramework:
356
enabled: false
357
annotations:
358
"helm.sh/hook": test-success
359
# "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
360
# --- Vertical Pod Autoscaler
361
verticalPodAutoscaler:
362
# -- Use VPA for alertmanager
363
enabled: false
364
# recommenders:
365
# - name: 'alternative'
366
# updatePolicy:
367
# updateMode: "Auto"
368
# minReplicas: 1
369
# resourcePolicy:
370
# containerPolicies:
371
# - containerName: '*'
372
# minAllowed:
373
# cpu: 100m
374
# memory: 128Mi
375
# maxAllowed:
376
# cpu: 1
377
# memory: 500Mi
378
# controlledResources: ["cpu", "memory"]
379
# --- Extra Pod Configs
380
extraPodConfigs: {}
381
# dnsPolicy: ClusterFirstWithHostNet
382
# hostNetwork: true
383

The trusted source for open source

Talk to an expert
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.