From b5e213d49ec7829bbdc64663ae39230c168905e9 Mon Sep 17 00:00:00 2001
From: Celene Chang <celene@datadoghq.com>
Date: Wed, 16 Feb 2022 11:32:27 -0500
Subject: [PATCH] [kubelet/kubernetes_state] add spec.yaml files
---
kubelet/assets/configuration/spec.yaml | 52 ++
.../kubelet/data/conf.yaml.example | 529 +++++++++++++++++-
kubelet/manifest.json | 5 +-
.../assets/configuration/spec.yaml | 77 +++
.../kubernetes_state/data/auto_conf.yaml | 30 +-
.../kubernetes_state/data/conf.yaml.example | 526 +++++++++++++++--
kubernetes_state/manifest.json | 5 +-
7 files changed, 1140 insertions(+), 84 deletions(-)
create mode 100644 kubelet/assets/configuration/spec.yaml
create mode 100644 kubernetes_state/assets/configuration/spec.yaml
diff --git a/kubelet/assets/configuration/spec.yaml b/kubelet/assets/configuration/spec.yaml
new file mode 100644
index 00000000000000..330e54e2d64cd8
--- /dev/null
+++ b/kubelet/assets/configuration/spec.yaml
@@ -0,0 +1,52 @@
+name: Kubelet
+files:
+- name: kubelet.yaml
+ options:
+ - template: init_config
+ options:
+ - template: init_config/openmetrics_legacy
+ - template: instances
+ options:
+ - name: cadvisor_metrics_endpoint
+ description: |
+ 1.7.6+ clusters expose container metrics in the prometheus format.
+ This is the default setting. See next section for legacy clusters.
+
+ URL of the cadvisor metrics prometheus endpoint.
+ Pass an empty string, or set the cadvisor_port option to disable cadvisor metrics collection.
+ example: http://10.8.0.1:10255/metrics/cadvisor
+ display_priority: 1
+ - name: kubelet_metrics_endpoint
+ description: |
+ URL of the kubelet metrics prometheus endpoint
+ Pass an empty string to disable kubelet metrics collection.
+ example: http://10.8.0.1:10255/metrics
+ display_priority: 1
+ - name: cadvisor_port
+ description: |
+ Metric collection for legacy (< 1.7.6) clusters via the kubelet's cadvisor port.
+ This port is closed by default on k8s 1.7+ and OpenShift, enable it
+ via the `--cadvisor-port=4194` kubelet option.
+
+ Port to connect to, uncomment and set accordingly to enable collection.
+ example: 4194
+ display_priority: 1
+ - name: enabled_rates
+ description: |
+ Allow list of rate type metrics to collect from cadvisor.
+ example:
+ - cpu.*
+ - network.*
+ display_priority: 1
+ - name: enabled_gauges
+ description: |
+ Allow list of gauge type metrics to collect from cadvisor.
+ example:
+ - filesystem.*
+ display_priority: 1
+ - template: instances/openmetrics_legacy
+ overrides:
+ prometheus_url.hidden: true
+ prometheus_metrics_prefix.hidden: true
+ min_collection_interval.value.example: 20
+ min_collection_interval.enabled: true
diff --git a/kubelet/datadog_checks/kubelet/data/conf.yaml.example b/kubelet/datadog_checks/kubelet/data/conf.yaml.example
index a7f9a2448727e0..1d0b3f15e749d1 100644
--- a/kubelet/datadog_checks/kubelet/data/conf.yaml.example
+++ b/kubelet/datadog_checks/kubelet/data/conf.yaml.example
@@ -1,62 +1,537 @@
+## All options defined here are available to all instances.
+#
init_config:
-instances:
+ ## @param proxy - mapping - optional
+ ## Set HTTP or HTTPS proxies for all instances. Use the `no_proxy` list
+ ## to specify hosts that must bypass proxies.
+ ##
+ ## The SOCKS protocol is also supported like so:
+ ##
+ ## socks5://user:pass@host:port
+ ##
+ ## Using the scheme `socks5` causes the DNS resolution to happen on the
+ ## client, rather than on the proxy server. This is in line with `curl`,
+ ## which uses the scheme to decide whether to do the DNS resolution on
+ ## the client or proxy. If you want to resolve the domains on the proxy
+ ## server, use `socks5h` as the scheme.
+ #
+ # proxy:
+ # http: http://<PROXY_SERVER_FOR_HTTP>:<PORT>
+ # https: https://<PROXY_SERVER_FOR_HTTPS>:<PORT>
+ # no_proxy:
+ # - <HOSTNAME_1>
+ # - <HOSTNAME_2>
- -
- ## @param tags - list of key:value element - optional
- ## List of tags to attach to every metric, event and service check emitted by this integration.
+ ## @param skip_proxy - boolean - optional - default: false
+ ## If set to `true`, this makes the check bypass any proxy
+ ## settings enabled and attempt to reach services directly.
+ #
+ # skip_proxy: false
+
+ ## @param timeout - number - optional - default: 10
+ ## The timeout for connecting to services.
+ #
+ # timeout: 10
+
+ ## @param service - string - optional
+ ## Attach the tag `service:<SERVICE>` to every metric, event, and service check emitted by this integration.
##
- ## Learn more about tagging: https://docs.datadoghq.com/tagging/
+ ## Additionally, this sets the default `service` for every log source.
#
- # tags:
- # - <KEY_1>:<VALUE_1>
- # - <KEY_2>:<VALUE_2>
+ # service: <SERVICE>
+## Every instance is scheduled independent of the others.
+#
+instances:
+
+ -
## 1.7.6+ clusters expose container metrics in the prometheus format.
## This is the default setting. See next section for legacy clusters.
-
- ## @param cadvisor_metrics_endpoint - string - optional
- ## url of the cadvisor metrics prometheus endpoint.
+ ##
+ ## URL of the cadvisor metrics prometheus endpoint.
## Pass an empty string, or set the cadvisor_port option to disable cadvisor metrics collection.
#
# cadvisor_metrics_endpoint: http://10.8.0.1:10255/metrics/cadvisor
- ## @param kubelet_metrics_endpoint - string - optional
- ## url of the kubelet metrics prometheus endpoint
- ## Pass an empty string to disable kubelet metrics collection
+ ## URL of the kubelet metrics prometheus endpoint
+ ## Pass an empty string to disable kubelet metrics collection.
#
# kubelet_metrics_endpoint: http://10.8.0.1:10255/metrics
- ## @param send_histograms_buckets - boolean - optional
- ## The histogram buckets can be noisy and generate a lot of tags.
- ## send_histograms_buckets controls whether or not you want to pull them.
- #
- # send_histograms_buckets: true
-
## Metric collection for legacy (< 1.7.6) clusters via the kubelet's cadvisor port.
## This port is closed by default on k8s 1.7+ and OpenShift, enable it
## via the `--cadvisor-port=4194` kubelet option.
-
- ## @param cadvisor_port - integer - optional
+ ##
## Port to connect to, uncomment and set accordingly to enable collection.
#
# cadvisor_port: 4194
- ## @param enabled_rates - list of string - optional
- ## Whitelist of rate type metrics to collect from cadvisor, these are the default
+ ## Allow list of rate type metrics to collect from cadvisor.
#
# enabled_rates:
# - cpu.*
# - network.*
- ## @param enabled_gauges - list of string - optional
- ## Whitelist of gauge type metrics to collect from cadvisor, these are the default
+ ## Allow list of gauge type metrics to collect from cadvisor.
#
# enabled_gauges:
# - filesystem.*
- ## @param min_collection_interval - integer - optional - default: 15
+ ## @param health_service_check - boolean - optional - default: true
+ ## Send a service check reporting about the health of the Prometheus endpoint.
+ ## The service check is named <NAMESPACE>.prometheus.health
+ #
+ # health_service_check: true
+
+ ## @param label_to_hostname - string - optional
+ ## Override the hostname with the value of one label.
+ #
+ # label_to_hostname: <LABEL>
+
+ ## @param label_joins - mapping - optional
+ ## Allows targeting a metric to retrieve its label with a 1:1 mapping.
+ #
+ # label_joins:
+ # target_metric:
+ # label_to_match: <MATCHED_LABEL>
+ # labels_to_get:
+ # - <EXTRA_LABEL_1>
+ # - <EXTRA_LABEL_2>
+
+ ## @param labels_mapper - mapping - optional
+ ## The label mapper allows you to rename labels.
+ ## Format is <LABEL_TO_RENAME>: <NEW_LABEL_NAME>
+ #
+ # labels_mapper:
+ # flavor: origin
+
+ ## @param type_overrides - mapping - optional
+ ## Override a type in the Prometheus payload or type an untyped metric (ignored by default).
+ ## Supported <METRIC_TYPE> are `gauge`, `counter`, `histogram`, and `summary`.
+ ## The "*" wildcard can be used to match multiple metric names.
+ #
+ # type_overrides:
+ # <METRIC_NAME>: <METRIC_TYPE>
+
+ ## @param send_histograms_buckets - boolean - optional - default: true
+ ## Set send_histograms_buckets to true to send the histograms bucket.
+ #
+ # send_histograms_buckets: true
+
+ ## @param send_distribution_buckets - boolean - optional - default: false
+ ## Set `send_distribution_buckets` to `true` to send histograms as Datadog distribution metrics.
+ ##
+ ## Learn more about distribution metrics: https://docs.datadoghq.com/developers/metrics/distributions/
+ #
+ # send_distribution_buckets: false
+
+ ## @param send_monotonic_counter - boolean - optional - default: true
+ ## Set send_monotonic_counter to true to send counters as monotonic counter.
+ #
+ # send_monotonic_counter: true
+
+ ## @param send_distribution_counts_as_monotonic - boolean - optional - default: false
+ ## If set to true, sends histograms and summary counters as monotonic counters (instead of gauges).
+ #
+ # send_distribution_counts_as_monotonic: false
+
+ ## @param send_distribution_sums_as_monotonic - boolean - optional - default: false
+ ## If set to true, sends histograms and summary sums as monotonic counters (instead of gauges).
+ #
+ # send_distribution_sums_as_monotonic: false
+
+ ## @param use_process_start_time - boolean - optional - default: false
+ ## Whether to enable a heuristic for reporting counter values on the first scrape. When true,
+ ## the first time an endpoint is scraped, check `process_start_time_seconds` to decide whether zero
+ ## initial value can be assumed for counters. This requires keeping metrics in memory until the entire
+ ## response is received.
+ #
+ # use_process_start_time: false
+
+ ## @param exclude_labels - list of strings - optional
+ ## A list of labels to be excluded. May be used in conjunction with `include_labels`.
+ ## Labels defined in `excluded labels` will take precedence in case of overlap.
+ #
+ # exclude_labels:
+ # - timestamp
+
+ ## @param include_labels - list of strings - optional
+ ## A list of labels to include. May be used in conjunction with `exclude_labels`.
+ ## Labels defined in `excluded labels` will take precedence in case of overlap.
+ #
+ # include_labels: []
+
+ ## @param bearer_token_auth - boolean or string - optional - default: false
+ ## If set to true, adds a bearer token authentication header.
+ ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https.
+ ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token.
+ #
+ # bearer_token_auth: false
+
+ ## @param bearer_token_path - string - optional
+ ## The path to a Kubernetes service account bearer token file. Make sure the file exists and is mounted correctly.
+ ## Note: bearer_token_auth should be set to true to enable adding the token to HTTP headers for authentication.
+ #
+ # bearer_token_path: <TOKEN_PATH>
+
+ ## @param ignore_metrics - list of strings - optional
+ ## A list of metrics to ignore, the "*" wildcard can be used to match multiple metric names.
+ ## The wildcard matching is done via fnmatch, it locates a match anywhere in the string.
+ #
+ # ignore_metrics:
+ # - <IGNORED_METRIC_NAME>
+ # - <SUBSTRING_*>
+ # - <*_SUBSTRING>
+
+ ## @param ignore_metrics_by_labels - mapping - optional
+ ## A mapping of labels where metrics with matching label key and values are ignored.
+ ## Use the "*" wildcard to match all label values.
+ #
+ # ignore_metrics_by_labels:
+ # <KEY_1>:
+ # - <LABEL_1>
+ # - <LABEL_2>
+ # <KEY_2>:
+ # - '*'
+
+ ## @param ignore_tags - list of strings - optional
+ ## A list of regular expressions used to ignore tags added by autodiscovery and entries in the `tags` option.
+ #
+ # ignore_tags:
+ # - <FULL:TAG>
+ # - <TAG_PREFIX:.*>
+ # - <TAG_SUFFIX$>
+
+ ## @param proxy - mapping - optional
+ ## This overrides the `proxy` setting in `init_config`.
+ ##
+ ## Set HTTP or HTTPS proxies for this instance. Use the `no_proxy` list
+ ## to specify hosts that must bypass proxies.
+ ##
+ ## The SOCKS protocol is also supported, for example:
+ ##
+ ## socks5://user:pass@host:port
+ ##
+ ## Using the scheme `socks5` causes the DNS resolution to happen on the
+ ## client, rather than on the proxy server. This is in line with `curl`,
+ ## which uses the scheme to decide whether to do the DNS resolution on
+ ## the client or proxy. If you want to resolve the domains on the proxy
+ ## server, use `socks5h` as the scheme.
+ #
+ # proxy:
+ # http: http://<PROXY_SERVER_FOR_HTTP>:<PORT>
+ # https: https://<PROXY_SERVER_FOR_HTTPS>:<PORT>
+ # no_proxy:
+ # - <HOSTNAME_1>
+ # - <HOSTNAME_2>
+
+ ## @param skip_proxy - boolean - optional - default: false
+ ## This overrides the `skip_proxy` setting in `init_config`.
+ ##
+ ## If set to `true`, this makes the check bypass any proxy
+ ## settings enabled and attempt to reach services directly.
+ #
+ # skip_proxy: false
+
+ ## @param auth_type - string - optional - default: basic
+ ## The type of authentication to use. The available types (and related options) are:
+ ##
+ ## - basic
+ ## |__ username
+ ## |__ password
+ ## |__ use_legacy_auth_encoding
+ ## - digest
+ ## |__ username
+ ## |__ password
+ ## - ntlm
+ ## |__ ntlm_domain
+ ## |__ password
+ ## - kerberos
+ ## |__ kerberos_auth
+ ## |__ kerberos_cache
+ ## |__ kerberos_delegate
+ ## |__ kerberos_force_initiate
+ ## |__ kerberos_hostname
+ ## |__ kerberos_keytab
+ ## |__ kerberos_principal
+ ## - aws
+ ## |__ aws_region
+ ## |__ aws_host
+ ## |__ aws_service
+ ##
+ ## The `aws` auth type relies on boto3 to automatically gather AWS credentials, for example: from `.aws/credentials`.
+ ## Details: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#configuring-credentials
+ #
+ # auth_type: basic
+
+ ## @param use_legacy_auth_encoding - boolean - optional - default: true
+ ## When `auth_type` is set to `basic`, this determines whether to encode as `latin1` rather than `utf-8`.
+ #
+ # use_legacy_auth_encoding: true
+
+ ## @param username - string - optional
+ ## The username to use if services are behind basic or digest auth.
+ #
+ # username: <USERNAME>
+
+ ## @param password - string - optional
+ ## The password to use if services are behind basic or NTLM auth.
+ #
+ # password: <PASSWORD>
+
+ ## @param ntlm_domain - string - optional
+ ## If your services use NTLM authentication, specify
+ ## the domain used in the check. For NTLM Auth, append
+ ## the username to domain, not as the `username` parameter.
+ #
+ # ntlm_domain: <NTLM_DOMAIN>\<USERNAME>
+
+ ## @param kerberos_auth - string - optional - default: disabled
+ ## If your services use Kerberos authentication, you can specify the Kerberos
+ ## strategy to use between:
+ ##
+ ## - required
+ ## - optional
+ ## - disabled
+ ##
+ ## See https://github.com/requests/requests-kerberos#mutual-authentication
+ #
+ # kerberos_auth: disabled
+
+ ## @param kerberos_cache - string - optional
+ ## Sets the KRB5CCNAME environment variable.
+ ## It should point to a credential cache with a valid TGT.
+ #
+ # kerberos_cache: <KERBEROS_CACHE>
+
+ ## @param kerberos_delegate - boolean - optional - default: false
+ ## Set to `true` to enable Kerberos delegation of credentials to a server that requests delegation.
+ ##
+ ## See https://github.com/requests/requests-kerberos#delegation
+ #
+ # kerberos_delegate: false
+
+ ## @param kerberos_force_initiate - boolean - optional - default: false
+ ## Set to `true` to preemptively initiate the Kerberos GSS exchange and
+ ## present a Kerberos ticket on the initial request (and all subsequent).
+ ##
+ ## See https://github.com/requests/requests-kerberos#preemptive-authentication
+ #
+ # kerberos_force_initiate: false
+
+ ## @param kerberos_hostname - string - optional
+ ## Override the hostname used for the Kerberos GSS exchange if its DNS name doesn't
+ ## match its Kerberos hostname, for example: behind a content switch or load balancer.
+ ##
+ ## See https://github.com/requests/requests-kerberos#hostname-override
+ #
+ # kerberos_hostname: <KERBEROS_HOSTNAME>
+
+ ## @param kerberos_principal - string - optional
+ ## Set an explicit principal, to force Kerberos to look for a
+ ## matching credential cache for the named user.
+ ##
+ ## See https://github.com/requests/requests-kerberos#explicit-principal
+ #
+ # kerberos_principal: <KERBEROS_PRINCIPAL>
+
+ ## @param kerberos_keytab - string - optional
+ ## Set the path to your Kerberos key tab file.
+ #
+ # kerberos_keytab: <KEYTAB_FILE_PATH>
+
+ ## @param auth_token - mapping - optional
+ ## This allows for the use of authentication information from dynamic sources.
+ ## Both a reader and writer must be configured.
+ ##
+ ## The available readers are:
+ ##
+ ## - type: file
+ ## path (required): The absolute path for the file to read from.
+ ## pattern: A regular expression pattern with a single capture group used to find the
+ ## token rather than using the entire file, for example: Your secret is (.+)
+ ##
+ ## The available writers are:
+ ##
+ ## - type: header
+ ## name (required): The name of the field, for example: Authorization
+ ## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
+ ## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
+ #
+ # auth_token:
+ # reader:
+ # type: <READER_TYPE>
+ # <OPTION_1>: <VALUE_1>
+ # <OPTION_2>: <VALUE_2>
+ # writer:
+ # type: <WRITER_TYPE>
+ # <OPTION_1>: <VALUE_1>
+ # <OPTION_2>: <VALUE_2>
+
+ ## @param aws_region - string - optional
+ ## If your services require AWS Signature Version 4 signing, set the region.
+ ##
+ ## See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+ #
+ # aws_region: <AWS_REGION>
+
+ ## @param aws_host - string - optional
+ ## If your services require AWS Signature Version 4 signing, set the host.
+ ## This only needs the hostname and does not require the protocol (HTTP, HTTPS, and more).
+ ## For example, if connecting to https://us-east-1.amazonaws.com/, set `aws_host` to `us-east-1.amazonaws.com`.
+ ##
+ ## Note: This setting is not necessary for official integrations.
+ ##
+ ## See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+ #
+ # aws_host: <AWS_HOST>
+
+ ## @param aws_service - string - optional
+ ## If your services require AWS Signature Version 4 signing, set the service code. For a list
+ ## of available service codes, see https://docs.aws.amazon.com/general/latest/gr/rande.html
+ ##
+ ## Note: This setting is not necessary for official integrations.
+ ##
+ ## See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+ #
+ # aws_service: <AWS_SERVICE>
+
+ ## @param tls_verify - boolean - optional - default: true
+ ## Instructs the check to validate the TLS certificate of services.
+ #
+ # tls_verify: true
+
+ ## @param tls_use_host_header - boolean - optional - default: false
+ ## If a `Host` header is set, this enables its use for SNI (matching against the TLS certificate CN or SAN).
+ #
+ # tls_use_host_header: false
+
+ ## @param tls_ignore_warning - boolean - optional - default: false
+ ## If `tls_verify` is disabled, security warnings are logged by the check.
+ ## Disable those by setting `tls_ignore_warning` to true.
+ ##
+ ## Note: `tls_ignore_warning` set to true is currently only reliable if used by one instance of one integration.
+ ## If enabled for multiple instances, spurious warnings might still appear even if `tls_ignore_warning` is set
+ ## to true.
+ #
+ # tls_ignore_warning: false
+
+ ## @param tls_cert - string - optional
+ ## The path to a single file in PEM format containing a certificate as well as any
+ ## number of CA certificates needed to establish the certificate's authenticity for
+ ## use when connecting to services. It may also contain an unencrypted private key to use.
+ #
+ # tls_cert: <CERT_PATH>
+
+ ## @param tls_private_key - string - optional
+ ## The unencrypted private key to use for `tls_cert` when connecting to services. This is
+ ## required if `tls_cert` is set and it does not already contain a private key.
+ #
+ # tls_private_key: <PRIVATE_KEY_PATH>
+
+ ## @param tls_ca_cert - string - optional
+ ## The path to a file of concatenated CA certificates in PEM format or a directory
+ ## containing several CA certificates in PEM format. If a directory, the directory
+ ## must have been processed using the c_rehash utility supplied with OpenSSL. See:
+ ## https://www.openssl.org/docs/manmaster/man3/SSL_CTX_load_verify_locations.html
+ #
+ # tls_ca_cert: <CA_CERT_PATH>
+
+ ## @param tls_protocols_allowed - list of strings - optional
+ ## The expected versions of TLS/SSL when fetching intermediate certificates.
+ ## Only `SSLv3`, `TLSv1.2`, `TLSv1.3` are allowed by default. The possible values are:
+ ## SSLv3
+ ## TLSv1
+ ## TLSv1.1
+ ## TLSv1.2
+ ## TLSv1.3
+ #
+ # tls_protocols_allowed:
+ # - SSLv3
+ # - TLSv1.2
+ # - TLSv1.3
+
+ ## @param headers - mapping - optional
+ ## The headers parameter allows you to send specific headers with every request.
+ ## You can use it for explicitly specifying the host header or adding headers for
+ ## authorization purposes.
+ ##
+ ## This overrides any default headers.
+ #
+ # headers:
+ # Host: <ALTERNATIVE_HOSTNAME>
+ # X-Auth-Token: <AUTH_TOKEN>
+
+ ## @param extra_headers - mapping - optional
+ ## Additional headers to send with every request.
+ #
+ # extra_headers:
+ # Host: <ALTERNATIVE_HOSTNAME>
+ # X-Auth-Token: <AUTH_TOKEN>
+
+ ## @param timeout - number - optional - default: 10
+ ## The timeout for accessing services.
+ ##
+ ## This overrides the `timeout` setting in `init_config`.
+ #
+ # timeout: 10
+
+ ## @param connect_timeout - number - optional
+ ## The connect timeout for accessing services. Defaults to `timeout`.
+ #
+ # connect_timeout: <CONNECT_TIMEOUT>
+
+ ## @param read_timeout - number - optional
+ ## The read timeout for accessing services. Defaults to `timeout`.
+ #
+ # read_timeout: <READ_TIMEOUT>
+
+ ## @param request_size - number - optional - default: 10
+ ## The number of kibibytes (KiB) to read from streaming HTTP responses at a time.
+ #
+ # request_size: 10
+
+ ## @param log_requests - boolean - optional - default: false
+ ## Whether or not to debug log the HTTP(S) requests made, including the method and URL.
+ #
+ # log_requests: false
+
+ ## @param persist_connections - boolean - optional - default: false
+ ## Whether or not to persist cookies and use connection pooling for increased performance.
+ #
+ # persist_connections: false
+
+ ## @param allow_redirects - boolean - optional - default: true
+ ## Whether or not to allow URL redirection.
+ #
+ # allow_redirects: true
+
+ ## @param tags - list of strings - optional
+ ## A list of tags to attach to every metric and service check emitted by this instance.
+ ##
+ ## Learn more about tagging at https://docs.datadoghq.com/tagging
+ #
+ # tags:
+ # - <KEY_1>:<VALUE_1>
+ # - <KEY_2>:<VALUE_2>
+
+ ## @param service - string - optional
+ ## Attach the tag `service:<SERVICE>` to every metric, event, and service check emitted by this integration.
+ ##
+ ## Overrides any `service` defined in the `init_config` section.
+ #
+ # service: <SERVICE>
+
+ ## @param min_collection_interval - number - optional - default: 20
## This changes the collection interval of the check. For more information, see:
## https://docs.datadoghq.com/developers/write_agent_check/#collection-interval
#
min_collection_interval: 20
+
+ ## @param empty_default_hostname - boolean - optional - default: false
+ ## This forces the check to send metrics with no hostname.
+ ##
+ ## This is useful for cluster-level checks.
+ #
+ # empty_default_hostname: false
diff --git a/kubelet/manifest.json b/kubelet/manifest.json
index 474dd1204f7db3..a90697de685e0e 100644
--- a/kubelet/manifest.json
+++ b/kubelet/manifest.json
@@ -26,6 +26,9 @@
"dashboards": {},
"service_checks": "assets/service_checks.json",
"logs": {},
- "metrics_metadata": "metadata.csv"
+ "metrics_metadata": "metadata.csv",
+ "configuration": {
+ "spec": "assets/configuration/spec.yaml"
+ }
}
}
diff --git a/kubernetes_state/assets/configuration/spec.yaml b/kubernetes_state/assets/configuration/spec.yaml
new file mode 100644
index 00000000000000..12401a0cac3bff
--- /dev/null
+++ b/kubernetes_state/assets/configuration/spec.yaml
@@ -0,0 +1,77 @@
+name: Kubernetes State
+files:
+- name: kubernetes_state.yaml
+ options:
+ - template: init_config
+ options:
+ - template: init_config/openmetrics_legacy
+ - template: instances
+ options:
+ - name: kube_state_url
+ enabled: true
+ required: true
+ description: |
+ To enable Kube State metrics you must specify the URL exposing the API
+ value:
+ type: string
+ example:
+ http://example.com:8080/metrics
+ display_priority: 1
+ - template: instances/openmetrics_legacy
+ overrides:
+ prometheus_url.hidden: true
+ prometheus_metrics_prefix.hidden: true
+
+- name: auto_conf.yaml
+ options:
+ - template: ad_identifiers
+ overrides:
+ value.example:
+ - kube-state-metrics
+ - template: init_config
+ options: []
+ - name: ignore_autodiscovery_tags
+ description: |
+ Ignore tags coming from autodiscovery
+ enabled: true
+ value:
+ type: boolean
+ example: true
+ - template: instances
+ options:
+ - name: kube_state_url
+ description: |
+ To enable Kube State metrics you must specify the URL exposing the API.
+ enabled: true
+ required: true
+ value:
+ type: string
+ example:
+ http://%%host%%:8080/metrics
+ - name: labels_mapper
+ description: |
+ Tags are reported as set by kube-state-metrics. If you want to translate
+ them to other tags, use the labels_mapper dictionary.
+ example:
+ namespace: kube_namespace
+ - name: label_joins
+ description: |
+ Add the tags to join from other KSM metrics.
+ Example: Joining for deployment metrics. Based on:
+ kube_deployment_labels{deployment="kube-dns",label_addonmanager_kubernetes_io_mode="Reconcile"}
+ Use the following config to add the value of label_addonmanager_kubernetes_io_mode as a tag to your KSM
+ deployment metrics.
+ example:
+ kube_deployment_labels:
+ labels_to_match:
+ - deployment
+ labels_to_get:
+ - label_addonmanager_kubernetes_io_mode
+ - name: hostname_override
+ description: |
+ By default the hostname for metrics containing the node label is
+ overridden by the value of the label, this can be deactivated (all metrics
+ will be attached to the host running KSM)
+ example: true
+
+
diff --git a/kubernetes_state/datadog_checks/kubernetes_state/data/auto_conf.yaml b/kubernetes_state/datadog_checks/kubernetes_state/data/auto_conf.yaml
index ff7def6b607117..290920a97795c9 100644
--- a/kubernetes_state/datadog_checks/kubernetes_state/data/auto_conf.yaml
+++ b/kubernetes_state/datadog_checks/kubernetes_state/data/auto_conf.yaml
@@ -1,26 +1,35 @@
+## @param ad_identifiers - list of strings - required
+## A list of container identifiers that are used by Autodiscovery to identify
+## which container the check should be run against. For more information, see:
+## https://docs.datadoghq.com/agent/guide/ad_identifiers/
+#
ad_identifiers:
- kube-state-metrics
+## All options defined here are available to all instances.
+#
init_config:
-# Ignore tags coming from autodiscovery
+## @param ignore_autodiscovery_tags - boolean - optional - default: true
+## Ignore tags coming from autodiscovery
+#
ignore_autodiscovery_tags: true
+## Every instance is scheduled independent of the others.
+#
instances:
## @param kube_state_url - string - required
- ## To enable Kube State metrics you must specify the url exposing the API
+ ## To enable Kube State metrics you must specify the URL exposing the API.
#
- kube_state_url: http://%%host%%:8080/metrics
- ## @param labels_mapper - dictionary - optional
## Tags are reported as set by kube-state-metrics. If you want to translate
- ## them to other tags, use the labels_mapper dictionary
+ ## them to other tags, use the labels_mapper dictionary.
#
# labels_mapper:
# namespace: kube_namespace
- ## @param label_joins - object - optional
## Add the tags to join from other KSM metrics.
## Example: Joining for deployment metrics. Based on:
## kube_deployment_labels{deployment="kube-dns",label_addonmanager_kubernetes_io_mode="Reconcile"}
@@ -28,13 +37,12 @@ instances:
## deployment metrics.
#
# label_joins:
- # kube_deployment_labels:
- # labels_to_match:
- # - deployment
- # labels_to_get:
- # - label_addonmanager_kubernetes_io_mode
+ # kube_deployment_labels:
+ # labels_to_match:
+ # - deployment
+ # labels_to_get:
+ # - label_addonmanager_kubernetes_io_mode
- ## @param hostname_override - boolean - optional - default: true
## By default the hostname for metrics containing the node label is
## overridden by the value of the label, this can be deactivated (all metrics
## will be attached to the host running KSM)
diff --git a/kubernetes_state/datadog_checks/kubernetes_state/data/conf.yaml.example b/kubernetes_state/datadog_checks/kubernetes_state/data/conf.yaml.example
index 8cee50b74563fe..a9ddde4c03897c 100644
--- a/kubernetes_state/datadog_checks/kubernetes_state/data/conf.yaml.example
+++ b/kubernetes_state/datadog_checks/kubernetes_state/data/conf.yaml.example
@@ -1,71 +1,509 @@
+## All options defined here are available to all instances.
+#
init_config:
+ ## @param proxy - mapping - optional
+ ## Set HTTP or HTTPS proxies for all instances. Use the `no_proxy` list
+ ## to specify hosts that must bypass proxies.
+ ##
+ ## The SOCKS protocol is also supported like so:
+ ##
+ ## socks5://user:pass@host:port
+ ##
+ ## Using the scheme `socks5` causes the DNS resolution to happen on the
+ ## client, rather than on the proxy server. This is in line with `curl`,
+ ## which uses the scheme to decide whether to do the DNS resolution on
+ ## the client or proxy. If you want to resolve the domains on the proxy
+ ## server, use `socks5h` as the scheme.
+ #
+ # proxy:
+ # http: http://<PROXY_SERVER_FOR_HTTP>:<PORT>
+ # https: https://<PROXY_SERVER_FOR_HTTPS>:<PORT>
+ # no_proxy:
+ # - <HOSTNAME_1>
+ # - <HOSTNAME_2>
+
+ ## @param skip_proxy - boolean - optional - default: false
+ ## If set to `true`, this makes the check bypass any proxy
+ ## settings enabled and attempt to reach services directly.
+ #
+ # skip_proxy: false
+
+ ## @param timeout - number - optional - default: 10
+ ## The timeout for connecting to services.
+ #
+ # timeout: 10
+
+ ## @param service - string - optional
+ ## Attach the tag `service:<SERVICE>` to every metric, event, and service check emitted by this integration.
+ ##
+ ## Additionally, this sets the default `service` for every log source.
+ #
+ # service: <SERVICE>
+
+## Every instance is scheduled independent of the others.
+#
instances:
- ## @param kube_state_url - string - required
- ## To enable Kube State metrics you must specify the url exposing the API
+ ## @param kube_state_url - string - optional - default: http://example.com:8080/metrics
+ ## To enable Kube State metrics you must specify the URL exposing the API
#
- kube_state_url: http://example.com:8080/metrics
- ## @param labels_mapper - dictionary - optional
- ## Tags are reported as set by kube-state-metrics. If you want to translate
- ## them to other tags, use the labels_mapper dictionary
+ ## @param health_service_check - boolean - optional - default: true
+ ## Send a service check reporting about the health of the Prometheus endpoint.
+ ## The service check is named <NAMESPACE>.prometheus.health
#
- # labels_mapper:
- # namespace: kube_namespace
+ # health_service_check: true
- ## @param label_joins - object - optional
- ## Add the tags to join from other KSM metrics.
- ## Example: Joining for deployment metrics. Based on:
- ## kube_deployment_labels{deployment="kube-dns",label_addonmanager_kubernetes_io_mode="Reconcile"}
- ## Use the following config to add the value of label_addonmanager_kubernetes_io_mode as a tag to your KSM
- ## deployment metrics.
+ ## @param label_to_hostname - string - optional
+ ## Override the hostname with the value of one label.
+ #
+ # label_to_hostname: <LABEL>
+
+ ## @param label_joins - mapping - optional
+ ## Allows targeting a metric to retrieve its label with a 1:1 mapping.
#
# label_joins:
- # kube_deployment_labels:
- # labels_to_match:
- # - deployment
+ # target_metric:
+ # label_to_match: <MATCHED_LABEL>
# labels_to_get:
- # - label_addonmanager_kubernetes_io_mode
+ # - <EXTRA_LABEL_1>
+ # - <EXTRA_LABEL_2>
+
+ ## @param labels_mapper - mapping - optional
+ ## The label mapper allows you to rename labels.
+ ## Format is <LABEL_TO_RENAME>: <NEW_LABEL_NAME>
+ #
+ # labels_mapper:
+ # flavor: origin
+
+ ## @param type_overrides - mapping - optional
+ ## Override a type in the Prometheus payload or type an untyped metric (ignored by default).
+ ## Supported <METRIC_TYPE> are `gauge`, `counter`, `histogram`, and `summary`.
+ ## The "*" wildcard can be used to match multiple metric names.
+ #
+ # type_overrides:
+ # <METRIC_NAME>: <METRIC_TYPE>
+
+ ## @param send_histograms_buckets - boolean - optional - default: true
+ ## Set send_histograms_buckets to true to send the histograms bucket.
+ #
+ # send_histograms_buckets: true
+
+ ## @param send_distribution_buckets - boolean - optional - default: false
+ ## Set `send_distribution_buckets` to `true` to send histograms as Datadog distribution metrics.
+ ##
+ ## Learn more about distribution metrics: https://docs.datadoghq.com/developers/metrics/distributions/
+ #
+ # send_distribution_buckets: false
+
+ ## @param send_monotonic_counter - boolean - optional - default: true
+ ## Set send_monotonic_counter to true to send counters as monotonic counter.
+ #
+ # send_monotonic_counter: true
+
+ ## @param send_distribution_counts_as_monotonic - boolean - optional - default: false
+ ## If set to true, sends histograms and summary counters as monotonic counters (instead of gauges).
+ #
+ # send_distribution_counts_as_monotonic: false
+
+ ## @param send_distribution_sums_as_monotonic - boolean - optional - default: false
+ ## If set to true, sends histograms and summary sums as monotonic counters (instead of gauges).
+ #
+ # send_distribution_sums_as_monotonic: false
+
+ ## @param use_process_start_time - boolean - optional - default: false
+ ## Whether to enable a heuristic for reporting counter values on the first scrape. When true,
+ ## the first time an endpoint is scraped, check `process_start_time_seconds` to decide whether zero
+ ## initial value can be assumed for counters. This requires keeping metrics in memory until the entire
+ ## response is received.
+ #
+ # use_process_start_time: false
+
+ ## @param exclude_labels - list of strings - optional
+ ## A list of labels to be excluded. May be used in conjunction with `include_labels`.
+ ## Labels defined in `excluded labels` will take precedence in case of overlap.
+ #
+ # exclude_labels:
+ # - timestamp
+
+ ## @param include_labels - list of strings - optional
+ ## A list of labels to include. May be used in conjunction with `exclude_labels`.
+ ## Labels defined in `excluded labels` will take precedence in case of overlap.
+ #
+ # include_labels: []
+
+ ## @param bearer_token_auth - boolean or string - optional - default: false
+ ## If set to true, adds a bearer token authentication header.
+ ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https.
+ ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token.
+ #
+ # bearer_token_auth: false
+
+ ## @param bearer_token_path - string - optional
+ ## The path to a Kubernetes service account bearer token file. Make sure the file exists and is mounted correctly.
+ ## Note: bearer_token_auth should be set to true to enable adding the token to HTTP headers for authentication.
+ #
+ # bearer_token_path: <TOKEN_PATH>
+
+ ## @param ignore_metrics - list of strings - optional
+ ## A list of metrics to ignore, the "*" wildcard can be used to match multiple metric names.
+ ## The wildcard matching is done via fnmatch, it locates a match anywhere in the string.
+ #
+ # ignore_metrics:
+ # - <IGNORED_METRIC_NAME>
+ # - <SUBSTRING_*>
+ # - <*_SUBSTRING>
+
+ ## @param ignore_metrics_by_labels - mapping - optional
+ ## A mapping of labels where metrics with matching label key and values are ignored.
+ ## Use the "*" wildcard to match all label values.
+ #
+ # ignore_metrics_by_labels:
+ # <KEY_1>:
+ # - <LABEL_1>
+ # - <LABEL_2>
+ # <KEY_2>:
+ # - '*'
+
+ ## @param ignore_tags - list of strings - optional
+ ## A list of regular expressions used to ignore tags added by autodiscovery and entries in the `tags` option.
+ #
+ # ignore_tags:
+ # - <FULL:TAG>
+ # - <TAG_PREFIX:.*>
+ # - <TAG_SUFFIX$>
+
+ ## @param proxy - mapping - optional
+ ## This overrides the `proxy` setting in `init_config`.
+ ##
+ ## Set HTTP or HTTPS proxies for this instance. Use the `no_proxy` list
+ ## to specify hosts that must bypass proxies.
+ ##
+ ## The SOCKS protocol is also supported, for example:
+ ##
+ ## socks5://user:pass@host:port
+ ##
+ ## Using the scheme `socks5` causes the DNS resolution to happen on the
+ ## client, rather than on the proxy server. This is in line with `curl`,
+ ## which uses the scheme to decide whether to do the DNS resolution on
+ ## the client or proxy. If you want to resolve the domains on the proxy
+ ## server, use `socks5h` as the scheme.
+ #
+ # proxy:
+ # http: http://<PROXY_SERVER_FOR_HTTP>:<PORT>
+ # https: https://<PROXY_SERVER_FOR_HTTPS>:<PORT>
+ # no_proxy:
+ # - <HOSTNAME_1>
+ # - <HOSTNAME_2>
+
+ ## @param skip_proxy - boolean - optional - default: false
+ ## This overrides the `skip_proxy` setting in `init_config`.
+ ##
+ ## If set to `true`, this makes the check bypass any proxy
+ ## settings enabled and attempt to reach services directly.
+ #
+ # skip_proxy: false
+
+ ## @param auth_type - string - optional - default: basic
+ ## The type of authentication to use. The available types (and related options) are:
+ ##
+ ## - basic
+ ## |__ username
+ ## |__ password
+ ## |__ use_legacy_auth_encoding
+ ## - digest
+ ## |__ username
+ ## |__ password
+ ## - ntlm
+ ## |__ ntlm_domain
+ ## |__ password
+ ## - kerberos
+ ## |__ kerberos_auth
+ ## |__ kerberos_cache
+ ## |__ kerberos_delegate
+ ## |__ kerberos_force_initiate
+ ## |__ kerberos_hostname
+ ## |__ kerberos_keytab
+ ## |__ kerberos_principal
+ ## - aws
+ ## |__ aws_region
+ ## |__ aws_host
+ ## |__ aws_service
+ ##
+ ## The `aws` auth type relies on boto3 to automatically gather AWS credentials, for example: from `.aws/credentials`.
+ ## Details: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#configuring-credentials
+ #
+ # auth_type: basic
+
+ ## @param use_legacy_auth_encoding - boolean - optional - default: true
+ ## When `auth_type` is set to `basic`, this determines whether to encode as `latin1` rather than `utf-8`.
+ #
+ # use_legacy_auth_encoding: true
+
+ ## @param username - string - optional
+ ## The username to use if services are behind basic or digest auth.
+ #
+ # username: <USERNAME>
+
+ ## @param password - string - optional
+ ## The password to use if services are behind basic or NTLM auth.
+ #
+ # password: <PASSWORD>
+
+ ## @param ntlm_domain - string - optional
+ ## If your services use NTLM authentication, specify
+ ## the domain used in the check. For NTLM Auth, append
+ ## the username to domain, not as the `username` parameter.
+ #
+ # ntlm_domain: <NTLM_DOMAIN>\<USERNAME>
+
+ ## @param kerberos_auth - string - optional - default: disabled
+ ## If your services use Kerberos authentication, you can specify the Kerberos
+ ## strategy to use between:
+ ##
+ ## - required
+ ## - optional
+ ## - disabled
+ ##
+ ## See https://github.com/requests/requests-kerberos#mutual-authentication
+ #
+ # kerberos_auth: disabled
+
+ ## @param kerberos_cache - string - optional
+ ## Sets the KRB5CCNAME environment variable.
+ ## It should point to a credential cache with a valid TGT.
+ #
+ # kerberos_cache: <KERBEROS_CACHE>
+
+ ## @param kerberos_delegate - boolean - optional - default: false
+ ## Set to `true` to enable Kerberos delegation of credentials to a server that requests delegation.
+ ##
+ ## See https://github.com/requests/requests-kerberos#delegation
+ #
+ # kerberos_delegate: false
+
+ ## @param kerberos_force_initiate - boolean - optional - default: false
+ ## Set to `true` to preemptively initiate the Kerberos GSS exchange and
+ ## present a Kerberos ticket on the initial request (and all subsequent).
+ ##
+ ## See https://github.com/requests/requests-kerberos#preemptive-authentication
+ #
+ # kerberos_force_initiate: false
+
+ ## @param kerberos_hostname - string - optional
+ ## Override the hostname used for the Kerberos GSS exchange if its DNS name doesn't
+ ## match its Kerberos hostname, for example: behind a content switch or load balancer.
+ ##
+ ## See https://github.com/requests/requests-kerberos#hostname-override
+ #
+ # kerberos_hostname: <KERBEROS_HOSTNAME>
+
+ ## @param kerberos_principal - string - optional
+ ## Set an explicit principal, to force Kerberos to look for a
+ ## matching credential cache for the named user.
+ ##
+ ## See https://github.com/requests/requests-kerberos#explicit-principal
+ #
+ # kerberos_principal: <KERBEROS_PRINCIPAL>
+
+ ## @param kerberos_keytab - string - optional
+ ## Set the path to your Kerberos key tab file.
+ #
+ # kerberos_keytab: <KEYTAB_FILE_PATH>
+
+ ## @param auth_token - mapping - optional
+ ## This allows for the use of authentication information from dynamic sources.
+ ## Both a reader and writer must be configured.
+ ##
+ ## The available readers are:
+ ##
+ ## - type: file
+ ## path (required): The absolute path for the file to read from.
+ ## pattern: A regular expression pattern with a single capture group used to find the
+ ## token rather than using the entire file, for example: Your secret is (.+)
+ ##
+ ## The available writers are:
+ ##
+ ## - type: header
+ ## name (required): The name of the field, for example: Authorization
+ ## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
+ ## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
+ #
+ # auth_token:
+ # reader:
+ # type: <READER_TYPE>
+ # <OPTION_1>: <VALUE_1>
+ # <OPTION_2>: <VALUE_2>
+ # writer:
+ # type: <WRITER_TYPE>
+ # <OPTION_1>: <VALUE_1>
+ # <OPTION_2>: <VALUE_2>
+
+ ## @param aws_region - string - optional
+ ## If your services require AWS Signature Version 4 signing, set the region.
+ ##
+ ## See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+ #
+ # aws_region: <AWS_REGION>
+
+ ## @param aws_host - string - optional
+ ## If your services require AWS Signature Version 4 signing, set the host.
+ ## This only needs the hostname and does not require the protocol (HTTP, HTTPS, and more).
+ ## For example, if connecting to https://us-east-1.amazonaws.com/, set `aws_host` to `us-east-1.amazonaws.com`.
+ ##
+ ## Note: This setting is not necessary for official integrations.
+ ##
+ ## See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+ #
+ # aws_host: <AWS_HOST>
+
+ ## @param aws_service - string - optional
+ ## If your services require AWS Signature Version 4 signing, set the service code. For a list
+ ## of available service codes, see https://docs.aws.amazon.com/general/latest/gr/rande.html
+ ##
+ ## Note: This setting is not necessary for official integrations.
+ ##
+ ## See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
+ #
+ # aws_service: <AWS_SERVICE>
- ## @param hostname_override - boolean - optional - default: true
- ## By default the hostname for metrics containing the node label is
- ## overridden by the value of the label, this can be deactivated (all metrics
- ## will be attached to the host running KSM)
+ ## @param tls_verify - boolean - optional - default: true
+ ## Instructs the check to validate the TLS certificate of services.
#
- # hostname_override: true
+ # tls_verify: true
- ## @param tags - list of key:value element - optional
- ## List of tags to attach to every metric, event and service check emitted by this integration.
+ ## @param tls_use_host_header - boolean - optional - default: false
+ ## If a `Host` header is set, this enables its use for SNI (matching against the TLS certificate CN or SAN).
+ #
+ # tls_use_host_header: false
+
+ ## @param tls_ignore_warning - boolean - optional - default: false
+ ## If `tls_verify` is disabled, security warnings are logged by the check.
+ ## Disable those by setting `tls_ignore_warning` to true.
+ ##
+ ## Note: `tls_ignore_warning` set to true is currently only reliable if used by one instance of one integration.
+ ## If enabled for multiple instances, spurious warnings might still appear even if `tls_ignore_warning` is set
+ ## to true.
+ #
+ # tls_ignore_warning: false
+
+ ## @param tls_cert - string - optional
+ ## The path to a single file in PEM format containing a certificate as well as any
+ ## number of CA certificates needed to establish the certificate's authenticity for
+ ## use when connecting to services. It may also contain an unencrypted private key to use.
+ #
+ # tls_cert: <CERT_PATH>
+
+ ## @param tls_private_key - string - optional
+ ## The unencrypted private key to use for `tls_cert` when connecting to services. This is
+ ## required if `tls_cert` is set and it does not already contain a private key.
+ #
+ # tls_private_key: <PRIVATE_KEY_PATH>
+
+ ## @param tls_ca_cert - string - optional
+ ## The path to a file of concatenated CA certificates in PEM format or a directory
+ ## containing several CA certificates in PEM format. If a directory, the directory
+ ## must have been processed using the c_rehash utility supplied with OpenSSL. See:
+ ## https://www.openssl.org/docs/manmaster/man3/SSL_CTX_load_verify_locations.html
+ #
+ # tls_ca_cert: <CA_CERT_PATH>
+
+ ## @param tls_protocols_allowed - list of strings - optional
+ ## The expected versions of TLS/SSL when fetching intermediate certificates.
+ ## Only `SSLv3`, `TLSv1.2`, `TLSv1.3` are allowed by default. The possible values are:
+ ## SSLv3
+ ## TLSv1
+ ## TLSv1.1
+ ## TLSv1.2
+ ## TLSv1.3
+ #
+ # tls_protocols_allowed:
+ # - SSLv3
+ # - TLSv1.2
+ # - TLSv1.3
+
+ ## @param headers - mapping - optional
+ ## The headers parameter allows you to send specific headers with every request.
+ ## You can use it for explicitly specifying the host header or adding headers for
+ ## authorization purposes.
+ ##
+ ## This overrides any default headers.
+ #
+ # headers:
+ # Host: <ALTERNATIVE_HOSTNAME>
+ # X-Auth-Token: <AUTH_TOKEN>
+
+ ## @param extra_headers - mapping - optional
+ ## Additional headers to send with every request.
+ #
+ # extra_headers:
+ # Host: <ALTERNATIVE_HOSTNAME>
+ # X-Auth-Token: <AUTH_TOKEN>
+
+ ## @param timeout - number - optional - default: 10
+ ## The timeout for accessing services.
##
- ## Learn more about tagging: https://docs.datadoghq.com/tagging/
+ ## This overrides the `timeout` setting in `init_config`.
+ #
+ # timeout: 10
+
+ ## @param connect_timeout - number - optional
+ ## The connect timeout for accessing services. Defaults to `timeout`.
+ #
+ # connect_timeout: <CONNECT_TIMEOUT>
+
+ ## @param read_timeout - number - optional
+ ## The read timeout for accessing services. Defaults to `timeout`.
+ #
+ # read_timeout: <READ_TIMEOUT>
+
+ ## @param request_size - number - optional - default: 10
+ ## The number of kibibytes (KiB) to read from streaming HTTP responses at a time.
+ #
+ # request_size: 10
+
+ ## @param log_requests - boolean - optional - default: false
+ ## Whether or not to debug log the HTTP(S) requests made, including the method and URL.
+ #
+ # log_requests: false
+
+ ## @param persist_connections - boolean - optional - default: false
+ ## Whether or not to persist cookies and use connection pooling for increased performance.
+ #
+ # persist_connections: false
+
+ ## @param allow_redirects - boolean - optional - default: true
+ ## Whether or not to allow URL redirection.
+ #
+ # allow_redirects: true
+
+ ## @param tags - list of strings - optional
+ ## A list of tags to attach to every metric and service check emitted by this instance.
+ ##
+ ## Learn more about tagging at https://docs.datadoghq.com/tagging
#
# tags:
# - <KEY_1>:<VALUE_1>
# - <KEY_2>:<VALUE_2>
- ## @param prometheus_timeout - integer - optional - default: 10
- ## Set a timeout for the prometheus query.
+ ## @param service - string - optional
+ ## Attach the tag `service:<SERVICE>` to every metric, event, and service check emitted by this integration.
+ ##
+ ## Overrides any `service` defined in the `init_config` section.
#
- # prometheus_timeout: 10
+ # service: <SERVICE>
- ## @param telemetry - boolean - optional - default: false
- ## To enable the telemetry check's metrics, you must set this parameter to true.
- ## It will generate useful internal check metrics: message payload size, the number
- ## of metrics received, processed, ignored....
- ## Metrics can be found under `kubernetes_state.telemetry`
+ ## @param min_collection_interval - number - optional - default: 15
+ ## This changes the collection interval of the check. For more information, see:
+ ## https://docs.datadoghq.com/developers/write_agent_check/#collection-interval
#
- # telemetry: false
+ # min_collection_interval: 15
- ## @param join_standard_tags - boolean - optional - default: false
- ## To enable joining standard tags from labels, you must set this parameter to true.
- ## It will join standard tags found in these labels coming from info Kube State metrics (*_labels).
- ## tags.datadoghq.com/env => env
- ## tags.datadoghq.com/service => service
- ## tags.datadoghq.com/version => version
- ##
- ## Resources enabled for join_standard_tags include:
- ## Pod, Deployment, ReplicaSet, DaemonSet, StatefulSet, Job, CronJob
+ ## @param empty_default_hostname - boolean - optional - default: false
+ ## This forces the check to send metrics with no hostname.
##
+ ## This is useful for cluster-level checks.
#
- # join_standard_tags: false
+ # empty_default_hostname: false
diff --git a/kubernetes_state/manifest.json b/kubernetes_state/manifest.json
index 3fef37a37504e9..064e7801c99f4c 100644
--- a/kubernetes_state/manifest.json
+++ b/kubernetes_state/manifest.json
@@ -27,6 +27,9 @@
"dashboards": {},
"service_checks": "assets/service_checks.json",
"logs": {},
- "metrics_metadata": "metadata.csv"
+ "metrics_metadata": "metadata.csv",
+ "configuration": {
+ "spec": "assets/configuration/spec.yaml"
+ }
}
}