diff --git a/api/operator/v1beta1/vmextra_types.go b/api/operator/v1beta1/vmextra_types.go index efb2d4cc4..891f60da5 100644 --- a/api/operator/v1beta1/vmextra_types.go +++ b/api/operator/v1beta1/vmextra_types.go @@ -1207,6 +1207,9 @@ type CommonConfigReloaderParams struct { // available since v0.57.0 version // +optional ConfigReloadAuthKeySecret *corev1.SecretKeySelector `json:"configReloadAuthKeySecret,omitempty"` + // ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral volume, that is shared with main container + // +optional + ConfigReloaderEmptyDir *corev1.EmptyDirVolumeSource `json:"configReloaderEmptyDir,omitempty"` } // CommonApplicationDeploymentParams defines common params diff --git a/api/operator/v1beta1/zz_generated.deepcopy.go b/api/operator/v1beta1/zz_generated.deepcopy.go index da990529b..363e7bc50 100644 --- a/api/operator/v1beta1/zz_generated.deepcopy.go +++ b/api/operator/v1beta1/zz_generated.deepcopy.go @@ -536,6 +536,11 @@ func (in *CommonConfigReloaderParams) DeepCopyInto(out *CommonConfigReloaderPara *out = new(v1.SecretKeySelector) (*in).DeepCopyInto(*out) } + if in.ConfigReloaderEmptyDir != nil { + in, out := &in.ConfigReloaderEmptyDir, &out.ConfigReloaderEmptyDir + *out = new(v1.EmptyDirVolumeSource) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommonConfigReloaderParams. diff --git a/config/crd/overlay/crd.yaml b/config/crd/overlay/crd.yaml index 0fc012eb8..9f7a6cef4 100644 --- a/config/crd/overlay/crd.yaml +++ b/config/crd/overlay/crd.yaml @@ -7928,6 +7928,31 @@ spec: - key type: object x-kubernetes-map-type: atomic + configReloaderEmptyDir: + description: ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral + volume, that is shared with main container + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object configReloaderExtraArgs: additionalProperties: type: string @@ -17686,6 +17711,31 @@ spec: - key type: object x-kubernetes-map-type: atomic + configReloaderEmptyDir: + description: ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral + volume, that is shared with main container + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object configReloaderExtraArgs: additionalProperties: type: string @@ -19756,6 +19806,31 @@ spec: - key type: object x-kubernetes-map-type: atomic + configReloaderEmptyDir: + description: ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral + volume, that is shared with main container + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object configReloaderExtraArgs: additionalProperties: type: string @@ -24509,6 +24584,31 @@ spec: - key type: object x-kubernetes-map-type: atomic + configReloaderEmptyDir: + description: ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral + volume, that is shared with main container + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object configReloaderExtraArgs: additionalProperties: type: string diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 013172f72..a4e1aa003 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -27,6 +27,7 @@ aliases: * FEATURE: [vlagent](https://docs.victoriametrics.com/operator/resources/vlagent): support logs collection. See [#1501](https://github.com/VictoriaMetrics/operator/issues/1501). * FEATURE: [vmoperator](https://docs.victoriametrics.com/operator/): use `operator_bad_objects_total` metric with `object_namespace` and `crd` labels to track invalid objects managed by VMAgent, VMAuth, VMAlert and VMAlertmanager. Old `operator_alertmanager_bad_objects_count` and `operator_vmalert_bad_objects_count` are deprecated and will be removed in next releases. * FEATURE: [vmoperator](https://docs.victoriametrics.com/operator/): added HPA support for all cluster CR storage. See [#1678](https://github.com/VictoriaMetrics/operator/issues/1678). +* FEATURE: [vmoperator](https://docs.victoriametrics.com/operator/): added VM_CONFIG_RELOADER_EMPTY_DIR global variable and `spec.configReloaderEmptyDir` parameter that allows to set emptyDir volume section for configurations volume. See [#1711](https://github.com/VictoriaMetrics/operator/issues/1711). * BUGFIX: [vmoperator](https://docs.victoriametrics.com/operator/): fixed HPA cleanup logic for all cluster resources, before it was constantly recreated. Bug introduced in [this commit](https://github.com/VictoriaMetrics/operator/commit/983d1678c37497a7d03d2f57821219fd4975deec). * BUGFIX: [VMCluster](https://docs.victoriametrics.com/operator/resources/vmcluster/), [VLCluster](https://docs.victoriametrics.com/operator/resources/vlcluster/) and [VTCluster](https://docs.victoriametrics.com/operator/resources/vtcluster/): prevent cluster load balancer secret from infinite reconcile. diff --git a/docs/api.md b/docs/api.md index c8ab466da..e9a72ed6e 100644 --- a/docs/api.md +++ b/docs/api.md @@ -671,7 +671,6 @@ Appears in: [VMAnomalyMonitoringSpec](#vmanomalymonitoringspec) VMAnomalyMonitoringPushSpec defines metrics push configuration - VMAnomaly uses prometheus text exposition format Appears in: [VMAnomalyMonitoringSpec](#vmanomalymonitoringspec) @@ -1474,6 +1473,7 @@ Appears in: [VMAgentSpec](#vmagentspec), [VMAlertSpec](#vmalertspec), [VMAlertma | Field | Description | | --- | --- | | configReloadAuthKeySecret#
_[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | _(Optional)_
ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests.
Given secret reference will be added to the application and vm-config-reloader as volume
available since v0.57.0 version | +| configReloaderEmptyDir#
_[EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#emptydirvolumesource-v1-core)_ | _(Optional)_
ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral volume, that is shared with main container | | configReloaderExtraArgs#
_object (keys:string, values:string)_ | _(Optional)_
ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
for example resyncInterval: "30s" | | configReloaderImage#
_string_ | _(Optional)_
ConfigReloaderImage defines image:tag for config-reloader container | | configReloaderImageTag#
_string_ | _(Optional)_
ConfigReloaderImageTag defines image:tag for config-reloader container
Deprecated: use configReloaderImage instead | @@ -1609,6 +1609,7 @@ Appears in: [VMAlertmanagerSpec](#vmalertmanagerspec) | Field | Description | | --- | --- | | key#
_string_ | _(Required)_
The ConfigMap key to refer to. | +| name#
_string_ | _(Optional)_
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names | #### ConsulSDConfig @@ -1817,7 +1818,6 @@ Appears in: [VLInsert](#vlinsert), [VLSelect](#vlselect), [VLStorage](#vlstorage EmbeddedHTTPRoute describes httproute configuration options. - Requires gateway-controller CRD installed and VM_GATEWAY_API_ENABLED=true env var See https://gateway-api.sigs.k8s.io/guides/#installing-a-gateway-controller @@ -1899,7 +1899,7 @@ Appears in: [VLAgentSpec](#vlagentspec), [VLInsert](#vlinsert), [VLSelect](#vlse | maxUnavailable#
_[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#intorstring-intstr-util)_ | _(Optional)_
An eviction is allowed if at most "maxUnavailable" pods selected by
"selector" are unavailable after the eviction, i.e. even in absence of
the evicted pod. For example, one can prevent all voluntary evictions
by specifying 0. This is a mutually exclusive setting with "minAvailable". | | minAvailable#
_[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#intorstring-intstr-util)_ | _(Optional)_
An eviction is allowed if at least "minAvailable" pods selected by
"selector" will still be available after the eviction, i.e. even in the
absence of the evicted pod. So for example you can prevent all voluntary
evictions by specifying "100%". | | selectorLabels#
_object (keys:string, values:string)_ | _(Optional)_
replaces default labels selector generated by operator
it's useful when you need to create custom budget | -| unhealthyPodEvictionPolicy#
_string_ | _(Optional)_
UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods

Valid policies are IfHealthyBudget and AlwaysAllow.
If no policy is specified, the default behavior will be used,
which corresponds to the IfHealthyBudget policy.
Available from operator v0.64.0 | +| unhealthyPodEvictionPolicy#
_string_ | _(Optional)_
UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods
Valid policies are IfHealthyBudget and AlwaysAllow.
If no policy is specified, the default behavior will be used,
which corresponds to the IfHealthyBudget policy.
Available from operator v0.64.0 | #### EmbeddedProbes @@ -2051,7 +2051,6 @@ The private IP address is used by default, but may be changed to the public IP address with relabeling. See [here](https://docs.victoriametrics.com/victoriametrics/sd_configs/#gce_sd_configs) - The GCE service discovery will load the Google Cloud credentials from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform @@ -2838,7 +2837,7 @@ Appears in: [CommonScrapeParams](#commonscrapeparams), [VMAgentSpec](#vmagentspe | basicAuth#
_[BasicAuth](#basicauth)_ | _(Optional)_
BasicAuth allow an endpoint to authenticate over basic authentication | | bearerTokenFile#
_string_ | _(Optional)_
File to read bearer token for scraping targets. | | bearerTokenSecret#
_[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | _(Optional)_
Secret to mount to read bearer token for scraping targets. The secret
needs to be in the same namespace as the scrape object and accessible by
the victoria-metrics operator. | -| default#
_boolean_ | _(Optional)_
default defines that the scrape applies to all scrape objects that
don't configure an explicit scrape class name.

Only one scrape class can be set as the default. | +| default#
_boolean_ | _(Optional)_
default defines that the scrape applies to all scrape objects that
don't configure an explicit scrape class name.
Only one scrape class can be set as the default. | | metricRelabelConfigs#
_[RelabelConfig](#relabelconfig) array_ | _(Optional)_
MetricRelabelConfigs to apply to samples after scrapping. | | name#
_string_ | _(Required)_
name of the scrape class. | | oauth2#
_[OAuth2](#oauth2)_ | _(Optional)_
OAuth2 defines auth configuration | @@ -3114,9 +3113,9 @@ Appears in: [StreamAggrConfig](#streamaggrconfig) | Field | Description | | --- | --- | -| by#
_string array_ | _(Optional)_
By is an optional list of labels for grouping input series.

See also Without.

If neither By nor Without are set, then the Outputs are calculated
individually per each input time series. | +| by#
_string array_ | _(Optional)_
By is an optional list of labels for grouping input series.
See also Without.
If neither By nor Without are set, then the Outputs are calculated
individually per each input time series. | | dedup_interval#
_string_ | _(Optional)_
DedupInterval is an optional interval for deduplication. | -| drop_input_labels#
_string_ | _(Optional)_
DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples.

Labels are dropped before de-duplication and aggregation. | +| drop_input_labels#
_string_ | _(Optional)_
DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples.
Labels are dropped before de-duplication and aggregation. | | enable_windows#
_boolean_ | _(Optional)_
EnableWindows enables aggregating data in separate windows | | flush_on_shutdown#
_boolean_ | _(Optional)_
FlushOnShutdown defines whether to flush the aggregation state on process termination
or config reload. Is `false` by default.
It is not recommended changing this setting, unless unfinished aggregations states
are preferred to missing data points. | | ignoreFirstSampleInterval#
_string_ | _(Required)_
IgnoreFirstSampleInterval sets interval for total and prometheus_total during which first samples will be ignored | @@ -3125,12 +3124,12 @@ Appears in: [StreamAggrConfig](#streamaggrconfig) | input_relabel_configs#
_[RelabelConfig](#relabelconfig) array_ | _(Optional)_
InputRelabelConfigs is an optional relabeling rules, which are applied on the input
before aggregation. | | interval#
_string_ | _(Required)_
Interval is the interval between aggregations. | | keep_metric_names#
_boolean_ | _(Optional)_
KeepMetricNames instructs to leave metric names as is for the output time series without adding any suffix. | -| match#
_[StringOrArray](#stringorarray)_ | _(Optional)_
Match is a label selector (or list of label selectors) for filtering time series for the given selector.

If the match isn't set, then all the input time series are processed. | +| match#
_[StringOrArray](#stringorarray)_ | _(Optional)_
Match is a label selector (or list of label selectors) for filtering time series for the given selector.
If the match isn't set, then all the input time series are processed. | | no_align_flush_to_interval#
_boolean_ | _(Optional)_
NoAlignFlushToInterval disables aligning of flushes to multiples of Interval.
By default flushes are aligned to Interval. | | output_relabel_configs#
_[RelabelConfig](#relabelconfig) array_ | _(Optional)_
OutputRelabelConfigs is an optional relabeling rules, which are applied
on the aggregated output before being sent to remote storage. | -| outputs#
_string array_ | _(Required)_
Outputs is a list of output aggregate functions to produce.

The following names are allowed:

- total - aggregates input counters
- increase - counts the increase over input counters
- count_series - counts the input series
- count_samples - counts the input samples
- sum_samples - sums the input samples
- last - the last biggest sample value
- min - the minimum sample value
- max - the maximum sample value
- avg - the average value across all the samples
- stddev - standard deviation across all the samples
- stdvar - standard variance across all the samples
- histogram_bucket - creates VictoriaMetrics histogram for input samples
- quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1]

The output time series will have the following names:

input_name:aggr__ | +| outputs#
_string array_ | _(Required)_
Outputs is a list of output aggregate functions to produce.
The following names are allowed:
- total - aggregates input counters
- increase - counts the increase over input counters
- count_series - counts the input series
- count_samples - counts the input samples
- sum_samples - sums the input samples
- last - the last biggest sample value
- min - the minimum sample value
- max - the maximum sample value
- avg - the average value across all the samples
- stddev - standard deviation across all the samples
- stdvar - standard variance across all the samples
- histogram_bucket - creates VictoriaMetrics histogram for input samples
- quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1]
The output time series will have the following names:
input_name:aggr__ | | staleness_interval#
_string_ | _(Optional)_
Staleness interval is interval after which the series state will be reset if no samples have been sent during it.
The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. | -| without#
_string array_ | _(Optional)_
Without is an optional list of labels, which must be excluded when grouping input series.

See also By.

If neither By nor Without are set, then the Outputs are calculated
individually per each input time series. | +| without#
_string array_ | _(Optional)_
Without is an optional list of labels, which must be excluded when grouping input series.
See also By.
If neither By nor Without are set, then the Outputs are calculated
individually per each input time series. | #### StringOrArray @@ -3562,6 +3561,7 @@ Appears in: [VMAgent](#vmagent) | claimTemplates#
_[PersistentVolumeClaim](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#persistentvolumeclaim-v1-core) array_ | _(Required)_
ClaimTemplates allows adding additional VolumeClaimTemplates for VMAgent in StatefulMode | | configMaps#
_string array_ | _(Optional)_
ConfigMaps is a list of ConfigMaps in the same namespace as the Application
object, which shall be mounted into the Application container
at /etc/vm/configs/CONFIGMAP_NAME folder | | configReloadAuthKeySecret#
_[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | _(Optional)_
ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests.
Given secret reference will be added to the application and vm-config-reloader as volume
available since v0.57.0 version | +| configReloaderEmptyDir#
_[EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#emptydirvolumesource-v1-core)_ | _(Optional)_
ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral volume, that is shared with main container | | configReloaderExtraArgs#
_object (keys:string, values:string)_ | _(Optional)_
ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
for example resyncInterval: "30s" | | configReloaderImage#
_string_ | _(Optional)_
ConfigReloaderImage defines image:tag for config-reloader container | | configReloaderImageTag#
_string_ | _(Optional)_
ConfigReloaderImageTag defines image:tag for config-reloader container
Deprecated: use configReloaderImage instead | @@ -3767,6 +3767,7 @@ Appears in: [VMAlert](#vmalert) | affinity#
_[Affinity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#affinity-v1-core)_ | _(Optional)_
Affinity If specified, the pod's scheduling constraints. | | configMaps#
_string array_ | _(Optional)_
ConfigMaps is a list of ConfigMaps in the same namespace as the Application
object, which shall be mounted into the Application container
at /etc/vm/configs/CONFIGMAP_NAME folder | | configReloadAuthKeySecret#
_[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | _(Optional)_
ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests.
Given secret reference will be added to the application and vm-config-reloader as volume
available since v0.57.0 version | +| configReloaderEmptyDir#
_[EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#emptydirvolumesource-v1-core)_ | _(Optional)_
ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral volume, that is shared with main container | | configReloaderExtraArgs#
_object (keys:string, values:string)_ | _(Optional)_
ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
for example resyncInterval: "30s" | | configReloaderImage#
_string_ | _(Optional)_
ConfigReloaderImage defines image:tag for config-reloader container | | configReloaderImageTag#
_string_ | _(Optional)_
ConfigReloaderImageTag defines image:tag for config-reloader container
Deprecated: use configReloaderImage instead | @@ -3905,6 +3906,7 @@ Appears in: [VMAlertmanager](#vmalertmanager) | configNamespaceSelector#
_[LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#labelselector-v1-meta)_ | _(Optional)_
ConfigNamespaceSelector defines namespace selector for VMAlertmanagerConfig.
Works in combination with Selector.
NamespaceSelector nil - only objects at VMAlertmanager namespace.
Selector nil - only objects at NamespaceSelector namespaces.
If both nil - behaviour controlled by selectAllByDefault | | configRawYaml#
_string_ | _(Optional)_
ConfigRawYaml - raw configuration for alertmanager,
it helps it to start without secret.
priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. | | configReloadAuthKeySecret#
_[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | _(Optional)_
ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests.
Given secret reference will be added to the application and vm-config-reloader as volume
available since v0.57.0 version | +| configReloaderEmptyDir#
_[EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#emptydirvolumesource-v1-core)_ | _(Optional)_
ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral volume, that is shared with main container | | configReloaderExtraArgs#
_object (keys:string, values:string)_ | _(Optional)_
ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
for example resyncInterval: "30s" | | configReloaderImage#
_string_ | _(Optional)_
ConfigReloaderImage defines image:tag for config-reloader container | | configReloaderImageTag#
_string_ | _(Optional)_
ConfigReloaderImageTag defines image:tag for config-reloader container
Deprecated: use configReloaderImage instead | @@ -4077,6 +4079,7 @@ Appears in: [VMAuth](#vmauth) | affinity#
_[Affinity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#affinity-v1-core)_ | _(Optional)_
Affinity If specified, the pod's scheduling constraints. | | configMaps#
_string array_ | _(Optional)_
ConfigMaps is a list of ConfigMaps in the same namespace as the Application
object, which shall be mounted into the Application container
at /etc/vm/configs/CONFIGMAP_NAME folder | | configReloadAuthKeySecret#
_[SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secretkeyselector-v1-core)_ | _(Optional)_
ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests.
Given secret reference will be added to the application and vm-config-reloader as volume
available since v0.57.0 version | +| configReloaderEmptyDir#
_[EmptyDirVolumeSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#emptydirvolumesource-v1-core)_ | _(Optional)_
ConfigReloaderEmptyDir sets emptyDir for reloader ephemeral volume, that is shared with main container | | configReloaderExtraArgs#
_object (keys:string, values:string)_ | _(Optional)_
ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
for example resyncInterval: "30s" | | configReloaderImage#
_string_ | _(Optional)_
ConfigReloaderImage defines image:tag for config-reloader container | | configReloaderImageTag#
_string_ | _(Optional)_
ConfigReloaderImageTag defines image:tag for config-reloader container
Deprecated: use configReloaderImage instead | @@ -4090,7 +4093,7 @@ Appears in: [VMAuth](#vmauth) | dnsConfig#
_[PodDNSConfig](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core)_ | _(Optional)_
Specifies the DNS parameters of a pod.
Parameters specified here will be merged to the generated DNS
configuration based on DNSPolicy. | | dnsPolicy#
_[DNSPolicy](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#dnspolicy-v1-core)_ | _(Optional)_
DNSPolicy sets DNS policy for the pod | | drop_src_path_prefix_parts#
_integer_ | _(Optional)_
DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.
See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. | -| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules

available since v1.107.0 vmauth version | +| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules
available since v1.107.0 vmauth version | | externalConfig#
_[ExternalConfig](#externalconfig)_ | _(Optional)_
ExternalConfig defines a source of external VMAuth configuration.
If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders | | extraArgs#
_object (keys:string, values:string)_ | _(Optional)_
ExtraArgs that will be passed to the application container
for example remoteWrite.tmpDataPath: /tmp | | extraEnvs#
_[EnvVar](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#envvar-v1-core) array_ | _(Optional)_
ExtraEnvs that will be passed to the application container | @@ -4139,7 +4142,7 @@ Appears in: [VMAuth](#vmauth) | tlsConfig#
_[TLSConfig](#tlsconfig)_ | _(Optional)_
TLSConfig defines tls configuration for the backend connection | | tolerations#
_[Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#toleration-v1-core) array_ | _(Optional)_
Tolerations If specified, the pod's tolerations. | | topologySpreadConstraints#
_[TopologySpreadConstraint](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#topologyspreadconstraint-v1-core) array_ | _(Optional)_
TopologySpreadConstraints embedded kubernetes pod configuration option,
controls how pods are spread across your cluster among failure-domains
such as regions, zones, nodes, and other user-defined topology domains
https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ | -| unauthorizedAccessConfig#
_[UnauthorizedAccessConfigURLMap](#unauthorizedaccessconfigurlmap) array_ | _(Required)_
UnauthorizedAccessConfig configures access for un authorized users

Deprecated: use unauthorizedUserAccessSpec instead
will be removed at v1.0 release | +| unauthorizedAccessConfig#
_[UnauthorizedAccessConfigURLMap](#unauthorizedaccessconfigurlmap) array_ | _(Required)_
UnauthorizedAccessConfig configures access for un authorized users
Deprecated: use unauthorizedUserAccessSpec instead
will be removed at v1.0 release | | unauthorizedUserAccessSpec#
_[VMAuthUnauthorizedUserAccessSpec](#vmauthunauthorizeduseraccessspec)_ | _(Optional)_
UnauthorizedUserAccessSpec defines unauthorized_user config section of vmauth config | | updateStrategy#
_[DeploymentStrategyType](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#deploymentstrategytype-v1-apps)_ | _(Optional)_
UpdateStrategy - overrides default update strategy.
Available from operator v0.64.0 | | useDefaultResources#
_boolean_ | _(Optional)_
UseDefaultResources controls resource settings
By default, operator sets built-in resource requirements | @@ -4167,7 +4170,7 @@ Appears in: [VMAuthSpec](#vmauthspec) | default_url#
_string array_ | _(Required)_
DefaultURLs backend url for non-matching paths filter
usually used for default backend with error message | | discover_backend_ips#
_boolean_ | _(Required)_
DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS. | | drop_src_path_prefix_parts#
_integer_ | _(Optional)_
DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.
See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. | -| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules

available since v1.107.0 vmauth version | +| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules
available since v1.107.0 vmauth version | | headers#
_string array_ | _(Optional)_
Headers represent additional http headers, that vmauth uses
in form of ["header_key: header_value"]
multiple values for header key:
["header_key: value1,value2"]
it's available since 1.68.0 version of vmauth | | ip_filters#
_[VMUserIPFilters](#vmuseripfilters)_ | _(Optional)_
IPFilters defines per target src ip filters
supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) | | load_balancing_policy#
_string_ | _(Optional)_
LoadBalancingPolicy defines load balancing policy to use for backend urls.
Supported policies: least_loaded, first_available.
See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") | @@ -4968,7 +4971,7 @@ Appears in: [VMAuthSpec](#vmauthspec), [VMAuthUnauthorizedUserAccessSpec](#vmaut | default_url#
_string array_ | _(Required)_
DefaultURLs backend url for non-matching paths filter
usually used for default backend with error message | | discover_backend_ips#
_boolean_ | _(Required)_
DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS. | | drop_src_path_prefix_parts#
_integer_ | _(Optional)_
DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.
See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. | -| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules

available since v1.107.0 vmauth version | +| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules
available since v1.107.0 vmauth version | | headers#
_string array_ | _(Optional)_
Headers represent additional http headers, that vmauth uses
in form of ["header_key: header_value"]
multiple values for header key:
["header_key: value1,value2"]
it's available since 1.68.0 version of vmauth | | ip_filters#
_[VMUserIPFilters](#vmuseripfilters)_ | _(Optional)_
IPFilters defines per target src ip filters
supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) | | load_balancing_policy#
_string_ | _(Optional)_
LoadBalancingPolicy defines load balancing policy to use for backend urls.
Supported policies: least_loaded, first_available.
See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#load-balancing) for more details (default "least_loaded") | @@ -5008,7 +5011,7 @@ Appears in: [VMUser](#vmuser) | disable_secret_creation#
_boolean_ | _(Required)_
DisableSecretCreation skips related secret creation for vmuser | | discover_backend_ips#
_boolean_ | _(Required)_
DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS. | | drop_src_path_prefix_parts#
_integer_ | _(Optional)_
DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.
See [here](https://docs.victoriametrics.com/victoriametrics/vmauth/#dropping-request-path-prefix) for more details. | -| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules

available since v1.107.0 vmauth version | +| dump_request_on_errors#
_boolean_ | _(Optional)_
DumpRequestOnErrors instructs vmauth to return detailed request params to the client
if routing rules don't allow to forward request to the backends.
Useful for debugging `src_hosts` and `src_headers` based routing rules
available since v1.107.0 vmauth version | | generatePassword#
_boolean_ | _(Optional)_
GeneratePassword instructs operator to generate password for user
if spec.password if empty. | | headers#
_string array_ | _(Optional)_
Headers represent additional http headers, that vmauth uses
in form of ["header_key: header_value"]
multiple values for header key:
["header_key: value1,value2"]
it's available since 1.68.0 version of vmauth | | ip_filters#
_[VMUserIPFilters](#vmuseripfilters)_ | _(Optional)_
IPFilters defines per target src ip filters
supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/victoriametrics/vmauth/#ip-filters) | diff --git a/docs/env.md b/docs/env.md index f4b012ab9..884811703 100644 --- a/docs/env.md +++ b/docs/env.md @@ -9,13 +9,14 @@ | WATCH_NAMESPACE: `-` #
Defines a list of namespaces to be watched by operator. Operator don't perform any cluster wide API calls if namespaces not empty. In case of empty list it performs only clusterwide api calls. | | VM_CONTAINERREGISTRY: `-` #
container registry name prefix, e.g. docker.io | | VM_CUSTOMCONFIGRELOADERIMAGE: `-` #
Deprecated: use VM_CONFIG_RELOADER_IMAGE instead | -| VM_CONFIG_RELOADER_IMAGE: `victoriametrics/operator:config-reloader-${VM_OPERATOR_VERSION}` # | | VM_PSPAUTOCREATEENABLED: `false` # | | VM_ENABLETCP6: `false` # | -| VM_CONFIG_RELOADER_LIMIT_CPU: `unlimited` #
defines global resource.limits.cpu for all config-reloader containers | +| VM_CONFIG_RELOADER_IMAGE: `victoriametrics/operator:config-reloader-${VM_OPERATOR_VERSION}` #
default image for all config-reloader containers | | VM_CONFIG_RELOADER_LIMIT_MEMORY: `unlimited` #
defines global resource.limits.memory for all config-reloader containers | -| VM_CONFIG_RELOADER_REQUEST_CPU: `10m` #
defines global resource.requests.cpu for all config-reloader containers | +| VM_CONFIG_RELOADER_LIMIT_CPU: `unlimited` #
defines global resource.limits.cpu for all config-reloader containers | | VM_CONFIG_RELOADER_REQUEST_MEMORY: `25Mi` #
defines global resource.requests.memory for all config-reloader containers | +| VM_CONFIG_RELOADER_REQUEST_CPU: `10m` #
defines global resource.requests.cpu for all config-reloader containers | +| VM_CONFIG_RELOADER_EMPTY_DIR: `{}` #
defines emptyDir configuration for config reloader volume | | VM_VLOGSDEFAULT_IMAGE: `victoriametrics/victoria-logs` # | | VM_VLOGSDEFAULT_VERSION: `${VM_LOGS_VERSION}` # | | VM_VLOGSDEFAULT_PORT: `9428` # | diff --git a/internal/config/config.go b/internal/config/config.go index 6ddbf08b1..2fd0a7012 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -1,6 +1,7 @@ package config import ( + "encoding/json" "fmt" "math/rand" "os" @@ -13,6 +14,7 @@ import ( "github.com/VictoriaMetrics/VictoriaMetrics/lib/buildinfo" "github.com/caarlos0/env/v11" "github.com/prometheus/client_golang/prometheus" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" "sigs.k8s.io/controller-runtime/pkg/metrics" ) @@ -57,6 +59,19 @@ func getEnvOpts() env.Options { return envOpts } +// Resource is useful for generic resource building +// uses the same memory layout as resources at config +type Resource struct { + Limit struct { + Mem string + Cpu string + } + Request struct { + Mem string + Cpu string + } +} + // ApplicationDefaults is useful for generic default building // uses the same memory as application default at config type ApplicationDefaults struct { @@ -76,19 +91,6 @@ type ApplicationDefaults struct { } } -// Resource is useful for generic resource building -// uses the same memory layout as resources at config -type Resource struct { - Limit struct { - Mem string - Cpu string - } - Request struct { - Mem string - Cpu string - } -} - //genvars:true type BaseOperatorConf struct { MetricsVersion string `default:"${VM_METRICS_VERSION}" env:"VM_METRICS_VERSION,expand"` @@ -107,18 +109,31 @@ type BaseOperatorConf struct { ContainerRegistry string `default:"" env:"VM_CONTAINERREGISTRY"` // Deprecated: use VM_CONFIG_RELOADER_IMAGE instead CustomConfigReloaderImage string `env:"VM_CUSTOMCONFIGRELOADERIMAGE"` - ConfigReloaderImage string `default:"victoriametrics/operator:config-reloader-${VM_OPERATOR_VERSION}" env:"VM_CONFIG_RELOADER_IMAGE,expand"` PSPAutoCreateEnabled bool `default:"false" env:"VM_PSPAUTOCREATEENABLED"` EnableTCP6 bool `default:"false" env:"VM_ENABLETCP6"` - // defines global resource.limits.cpu for all config-reloader containers - ConfigReloaderLimitCPU string `default:"unlimited" env:"VM_CONFIG_RELOADER_LIMIT_CPU"` - // defines global resource.limits.memory for all config-reloader containers - ConfigReloaderLimitMemory string `default:"unlimited" env:"VM_CONFIG_RELOADER_LIMIT_MEMORY"` - // defines global resource.requests.cpu for all config-reloader containers - ConfigReloaderRequestCPU string `default:"10m" env:"VM_CONFIG_RELOADER_REQUEST_CPU"` - // defines global resource.requests.memory for all config-reloader containers - ConfigReloaderRequestMemory string `default:"25Mi" env:"VM_CONFIG_RELOADER_REQUEST_MEMORY"` + // defines global config reloader parameters + ConfigReloader struct { + // default image for all config-reloader containers + Image string `default:"victoriametrics/operator:config-reloader-${VM_OPERATOR_VERSION}" env:",expand"` + Resource struct { + Limit struct { + // defines global resource.limits.memory for all config-reloader containers + Mem string `default:"unlimited" env:"MEMORY"` + // defines global resource.limits.cpu for all config-reloader containers + Cpu string `default:"unlimited"` + } `prefix:"LIMIT_"` + Request struct { + // defines global resource.requests.memory for all config-reloader containers + Mem string `default:"25Mi" env:"MEMORY"` + // defines global resource.requests.cpu for all config-reloader containers + Cpu string `default:"10m"` + } `prefix:"REQUEST_"` + } + // defines emptyDir configuration for config reloader volume + EmptyDir string `default:"{}"` + emptyDir *corev1.EmptyDirVolumeSource `env:"-"` + } `prefix:"VM_CONFIG_RELOADER_"` VLogsDefault struct { Image string `default:"victoriametrics/victoria-logs"` @@ -533,8 +548,13 @@ func (boc *BaseOperatorConf) ResyncAfterDuration() time.Duration { return boc.ForceResyncInterval + time.Duration(p*float64(dv)) } +// ConfigReloaderEmptyDir returns emptyDir section for config reloader +func (boc *BaseOperatorConf) ConfigReloaderEmptyDir() *corev1.EmptyDirVolumeSource { + return boc.ConfigReloader.emptyDir +} + // Validate - validates config on best effort. -func (boc BaseOperatorConf) Validate() error { +func (boc BaseOperatorConf) validate() error { for _, ns := range boc.WatchNamespaces { if !validNamespaceRegex.MatchString(ns) { return fmt.Errorf("namespace=%q doesn't match regex=%q", ns, validNamespaceRegex.String()) @@ -564,28 +584,9 @@ func (boc BaseOperatorConf) Validate() error { return nil } - if boc.ConfigReloaderLimitMemory != UnLimitedResource { - if _, err := resource.ParseQuantity(boc.ConfigReloaderLimitMemory); err != nil { - return fmt.Errorf("cannot parse global config-reloader resource limit memory: %w", err) - } - } - if boc.ConfigReloaderLimitCPU != UnLimitedResource { - if _, err := resource.ParseQuantity(boc.ConfigReloaderLimitCPU); err != nil { - return fmt.Errorf("cannot parse global config-reloader resource limit cpu: %w", err) - } - } - - if len(boc.ConfigReloaderRequestMemory) > 0 && boc.ConfigReloaderRequestMemory != UnLimitedResource { - if _, err := resource.ParseQuantity(boc.ConfigReloaderRequestMemory); err != nil { - return fmt.Errorf("cannot parse global config-reloader resource request memory: %w", err) - } - } - if len(boc.ConfigReloaderRequestCPU) > 0 && boc.ConfigReloaderRequestCPU != UnLimitedResource { - if _, err := resource.ParseQuantity(boc.ConfigReloaderRequestCPU); err != nil { - return fmt.Errorf("cannot parse global config-reloader resource request cpu: %w", err) - } + if err := validateResource("config-reloader", Resource(boc.ConfigReloader.Resource)); err != nil { + return err } - if err := validateResource("vmagent", Resource(boc.VMAgentDefault.Resource)); err != nil { return err } @@ -654,9 +655,14 @@ func MustGetBaseConfig() *BaseOperatorConf { panic(err) } if c.CustomConfigReloaderImage != "" { - c.ConfigReloaderImage = c.CustomConfigReloaderImage + c.ConfigReloader.Image = c.CustomConfigReloaderImage + } + var emptyDir corev1.EmptyDirVolumeSource + if err := json.Unmarshal([]byte(c.ConfigReloader.EmptyDir), &emptyDir); err != nil { + panic(fmt.Errorf(`failed to parse VM_CONFIG_RELOADER_EMPTY_DIR value %q as JSON object for EmptyDirVolumeSource (example: {"medium":"Memory","sizeLimit":"1Gi"}): %w`, c.ConfigReloader.EmptyDir, err)) } - if err := c.Validate(); err != nil { + c.ConfigReloader.emptyDir = &emptyDir + if err := c.validate(); err != nil { panic(err) } opConf = &c diff --git a/internal/controller/operator/factory/build/defaults.go b/internal/controller/operator/factory/build/defaults.go index 46e5df262..cd5bb49cd 100644 --- a/internal/controller/operator/factory/build/defaults.go +++ b/internal/controller/operator/factory/build/defaults.go @@ -583,27 +583,15 @@ func addDefaultsToConfigReloader(common *vmv1beta1.CommonConfigReloaderParams, u if common.ConfigReloaderImageTag != "" { common.ConfigReloaderImage = common.ConfigReloaderImageTag } else { - common.ConfigReloaderImage = c.ConfigReloaderImage + common.ConfigReloaderImage = c.ConfigReloader.Image } } + if common.ConfigReloaderEmptyDir == nil { + common.ConfigReloaderEmptyDir = c.ConfigReloaderEmptyDir() + } common.ConfigReloaderImage = formatContainerImage(c.ContainerRegistry, common.ConfigReloaderImage) - common.ConfigReloaderResources = Resources(common.ConfigReloaderResources, config.Resource{ - Limit: struct { - Mem string - Cpu string - }{ - Cpu: c.ConfigReloaderLimitCPU, - Mem: c.ConfigReloaderLimitMemory, - }, - Request: struct { - Mem string - Cpu string - }{ - Cpu: c.ConfigReloaderRequestCPU, - Mem: c.ConfigReloaderRequestMemory, - }, - }, useDefaultResources) + common.ConfigReloaderResources = Resources(common.ConfigReloaderResources, config.Resource(c.ConfigReloader.Resource), useDefaultResources) } func addDefaultsToVMBackup(cr *vmv1beta1.VMBackup, useDefaultResources bool, appDefaults *config.ApplicationDefaults) { diff --git a/internal/controller/operator/factory/vmagent/vmagent.go b/internal/controller/operator/factory/vmagent/vmagent.go index fb5534832..2b5be47d9 100644 --- a/internal/controller/operator/factory/vmagent/vmagent.go +++ b/internal/controller/operator/factory/vmagent/vmagent.go @@ -566,7 +566,7 @@ func newPodSpec(cr *vmv1beta1.VMAgent, ac *build.AssetsCache) (*corev1.PodSpec, volumes = append(volumes, corev1.Volume{ Name: "config-out", VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, + EmptyDir: cr.Spec.ConfigReloaderEmptyDir, }, }) volumes = append(volumes, corev1.Volume{ diff --git a/internal/controller/operator/factory/vmalertmanager/statefulset.go b/internal/controller/operator/factory/vmalertmanager/statefulset.go index 2ec708707..362a51874 100644 --- a/internal/controller/operator/factory/vmalertmanager/statefulset.go +++ b/internal/controller/operator/factory/vmalertmanager/statefulset.go @@ -256,7 +256,7 @@ func makeStatefulSetSpec(cr *vmv1beta1.VMAlertmanager) (*appsv1.StatefulSetSpec, { Name: configVolumeName, VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, + EmptyDir: cr.Spec.ConfigReloaderEmptyDir, }, }, // use a different volume mount for the case of vm config-reloader diff --git a/internal/controller/operator/factory/vmauth/vmauth.go b/internal/controller/operator/factory/vmauth/vmauth.go index 764641709..5e40e17b2 100644 --- a/internal/controller/operator/factory/vmauth/vmauth.go +++ b/internal/controller/operator/factory/vmauth/vmauth.go @@ -305,7 +305,7 @@ func makeSpecForVMAuth(cr *vmv1beta1.VMAuth) (*corev1.PodTemplateSpec, error) { volumes = append(volumes, corev1.Volume{ Name: "config-out", VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, + EmptyDir: cr.Spec.ConfigReloaderEmptyDir, }, }) m := corev1.VolumeMount{