image: repository: bitnami/kube-state-metrics pullPolicy: IfNotPresent tag: 2.10.1@sha256:9e8a6bbd41c9a5624051d3da5647c3b19e1fec939b9b727e6e24de2035b4b265 service: main: ports: main: protocol: http port: 8080 selfmonitor: enabled: true ports: selfmonitor: enabled: true protocol: http port: 8081 workload: main: podSpec: containers: main: args: - --resources=certificatesigningrequests - --resources=configmaps - --resources=cronjobs - --resources=daemonsets - --resources=deployments - --resources=endpoints - --resources=horizontalpodautoscalers - --resources=ingresses - --resources=jobs - --resources=limitranges - --resources=mutatingwebhookconfigurations - --resources=namespaces - --resources=networkpolicies - --resources=nodes - --resources=persistentvolumeclaims - --resources=persistentvolumes - --resources=poddisruptionbudgets - --resources=pods - --resources=replicasets - --resources=replicationcontrollers - --resources=resourcequotas - --resources=secrets - --resources=services - --resources=statefulsets - --resources=storageclasses # - --resources=verticalpodautoscalers - --resources=validatingwebhookconfigurations - --resources=volumeattachments probes: liveness: path: /healthz port: main readiness: path: /healthz port: main startup: type: tcp port: main podOptions: automountServiceAccountToken: true serviceAccount: main: enabled: true primary: true rbac: main: enabled: true primary: true clusterWide: true rules: - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests verbs: - list - watch - apiGroups: - "" resources: - configmaps verbs: - list - watch - apiGroups: - batch resources: - cronjobs verbs: - list - watch - apiGroups: - extensions - apps resources: - daemonsets verbs: - list - watch - apiGroups: - extensions - apps resources: - deployments verbs: - list - watch - apiGroups: - "" resources: - endpoints verbs: - list - watch - apiGroups: - autoscaling resources: - horizontalpodautoscalers verbs: - list - watch - apiGroups: - extensions - networking.k8s.io resources: - ingresses verbs: - list - watch - apiGroups: - batch resources: - jobs verbs: - list - watch - apiGroups: - "" resources: - limitranges verbs: - list - watch - apiGroups: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations verbs: - list - watch - apiGroups: - "" resources: - namespaces verbs: - list - watch - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - list - watch - apiGroups: - "" resources: - nodes verbs: - list - watch - apiGroups: - "" resources: - persistentvolumeclaims verbs: - list - watch - apiGroups: - "" resources: - persistentvolumes verbs: - list - watch - apiGroups: - policy resources: - poddisruptionbudgets verbs: - list - watch - apiGroups: - "" resources: - pods verbs: - list - watch - apiGroups: - extensions - apps resources: - replicasets verbs: - list - watch - apiGroups: - "" resources: - replicationcontrollers verbs: - list - watch - apiGroups: - "" resources: - resourcequotas verbs: - list - watch - apiGroups: - "" resources: - secrets verbs: - list - watch - apiGroups: - "" resources: - services verbs: - list - watch - apiGroups: - apps resources: - statefulsets verbs: - list - watch - apiGroups: - storage.k8s.io resources: - storageclasses verbs: - list - watch - apiGroups: - autoscaling.k8s.io resources: - verticalpodautoscalers verbs: - list - watch - apiGroups: - admissionregistration.k8s.io resources: - validatingwebhookconfigurations verbs: - list - watch - apiGroups: - storage.k8s.io resources: - volumeattachments verbs: - list - watch - apiGroups: ["discovery.k8s.io"] resources: - endpointslices verbs: ["list", "watch"] metrics: main: # -- Enable and configure a Prometheus serviceMonitor for the chart under this key. # @default -- See values.yaml enabled: true type: "servicemonitor" endpoints: - port: main - port: selfmonitor # -- Enable and configure Prometheus Rules for the chart under this key. # @default -- See values.yaml prometheusRule: enabled: false labels: {} # -- Configure additionial rules for the chart under this key. # @default -- See prometheusrules.yaml rules: [] # - alert: UnifiPollerAbsent # annotations: # description: Unifi Poller has disappeared from Prometheus service discovery. # summary: Unifi Poller is down. # expr: | # absent(up{job=~".*unifi-poller.*"} == 1) # for: 5m # labels: # severity: critical portal: open: enabled: false