apiVersion: v1 kind: Service metadata: name: vmalert labels: app.kubernetes.io/name: vmalert app.kubernetes.io/component: vmalert spec: ports: - port: 8880 name: vmalert selector: app.kubernetes.io/name: vmalert app.kubernetes.io/component: vmalert --- apiVersion: apps/v1 kind: Deployment metadata: name: vmalert labels: app.kubernetes.io/name: vmalert app.kubernetes.io/component: vmalert spec: selector: matchLabels: app.kubernetes.io/name: vmalert app.kubernetes.io/component: vmalert template: metadata: labels: app.kubernetes.io/name: vmalert app.kubernetes.io/component: vmalert spec: containers: - name: vmalert image: docker.io/victoriametrics/vmalert:v1.96.0 args: - -envflag.enable=true - -envflag.prefix=vmalert_ - -httpListenAddr=0.0.0.0:8880 - -configCheckInterval=30s env: - name: vmalert_rule value: /rules/*.yml - name: vmalert_datasource_url value: http://vmselect:8481/select/1/prometheus - name: vmalert_remoteRead_url value: http://vmselect:8481/select/1/prometheus - name: vmalert_remoteWrite_url value: http://vminsert:8480/insert/1/prometheus - name: vmalert_notifier_url value: http://alertmanager:9093 ports: - containerPort: 8880 name: http readinessProbe: &probe httpGet: port: http path: /health periodSeconds: 60 startupProbe: <<: *probe periodSeconds: 1 successThreshold: 1 failureThreshold: 30 timeoutSeconds: 1 securityContext: runAsNonRoot: true readOnlyRootFilesystem: true volumeMounts: - mountPath: /rules name: rules readOnly: true - mountPath: /tmp name: tmp subPath: tmp securityContext: runAsGroup: 2093 runAsNonRoot: true runAsUser: 2093 volumes: - name: rules configMap: name: vmalert-rules optional: true - name: tmp emptyDir: {}