`materialize-monitoring` Helm Reference#

Unified observability stack for Materialize: Alloy-based pipeline, optional bundled backends (Loki / Thanos / Grafana / Alertmanager), and the dashboards / alerts / rules that consume the Materialize metrics surface.

Source Code#

https://github.com/MaterializeInc/materialize-monitoring/tree/main/charts/materialize-monitoring

Requirements#

Kubernetes: >=1.27.0-0

Storage Requirements#

Using Thanos or Loki (in the default bundled-stack profile) requires object storage (such as an AWS S3 bucket) for long-term storage.

In development, Thanos may use a PVC for less-reliable storage. Loki however will not run without object storage. You may consider Garage or RustFS or MinIO for manually provisioned object storage.

Included Subcharts#

Repository	Name	Version
https://grafana.github.io/helm-charts	alloy(alloy-agent)	^1.8.0
https://grafana.github.io/helm-charts	alloy(alloy-gateway)	^1.8.0
https://kubernetes-sigs.github.io/metrics-server	metrics-server	^3.13.0
oci://ghcr.io/grafana-community/helm-charts	grafana	^12.3.3
oci://ghcr.io/grafana-community/helm-charts	loki	^15.0.0
oci://ghcr.io/grafana/helm-charts	grafana-operator	^5.22.2
oci://ghcr.io/prometheus-community/charts	alertmanager	^1.25.0
oci://ghcr.io/prometheus-community/charts	kube-state-metrics	^7.3.0
oci://ghcr.io/thanos-community/helm-charts	thanos	^0.11.0

Values#

Globals#

Values that are passed to all subcharts

Key	Type	Default	Description
global.imageRegistry	string	`""`	Override the registry for all images in this chart and its subcharts. Leave empty to use upstream defaults.
global.imagePullSecrets	list	[]	Image pull secrets applied to every workload in this chart and its subcharts.

Main chart configuration#

Configuration for the main chart

Key	Type	Default	Description
nameOverride	string	`""`	Standard Helm name override.
fullnameOverride	string	`""`	Standard Helm fullname override.
profile	string	`"bundled-stack"`	Deployment profile that drives subchart enablement and pipeline defaults.

Subchart enablement (Helm tags)#

Group toggles for subchart enablement. Subchart enablement has two layers, in precedence order:

Per-chart circuit breaker (<chart>.enabled). Each subchart dependency carries a condition: <chart>.enabled in Chart.yaml. The corresponding enabled: key is left commented-out under each subchart block in values.yaml; uncommenting it force-includes (true) or force-excludes (false) that chart regardless of any tag state. Helm evaluates condition: first and only falls through to tags when the path is absent from values, so this is a hard override.
Helm tags (the tags: block). When no <chart>.enabled is set, enablement is decided by tags. Each dependency in Chart.yaml carries a group tag (e.g. bundled-backends) and a per-chart tag (e.g. loki); a dependency is included if any of its tags evaluates true (OR semantics). To opt one chart out of an otherwise-enabled group, set the group tag false and flip the per-chart tags individually — or use the circuit breaker.

Group ↔ chart mapping:

Group tag	Charts
`pipeline`	`alloy-agent`, `alloy-gateway`
`bundled-backends`	`loki`, `thanos`, `grafana`, `alertmanager`
`cluster-metrics`	`kube-state-metrics`, `metrics-server`
`crds`	`prometheus-operator-crds`

The tag defaults match profile=bundled-stack. Other profiles flip bundled-backends off and the pipeline exporters appropriately; see the profile preset values files under examples/.

Key	Type	Default	Description
tags.pipeline	bool	`true`	Enable both Alloy releases (agent + gateway).
tags.bundled-backends	bool	`true`	Enable Loki, Thanos, Grafana, and Alertmanager as a group.
tags.cluster-metrics	bool	`false`	Enable kube-state-metrics and metrics-server as a group.
tags.crds	bool	`false`	Install Prometheus Operator CRDs.
tags.alloy-agent	bool	`false`	Per-chart override: enable just the Alloy agent. OR'd with `tags.pipeline`.
tags.alloy-gateway	bool	`false`	Per-chart override: enable just the Alloy gateway. OR'd with `tags.pipeline`.
tags.loki	bool	`false`	Per-chart override: enable just Loki. OR'd with `tags.bundled-backends`.
tags.thanos	bool	`false`	Per-chart override: enable just Thanos. OR'd with `tags.bundled-backends`.
tags.grafana-standalone	bool	`false`	Per-chart override: enable just Grafana standalone. OR'd with `tags.bundled-backends`.
tags.grafana-operator	bool	`false`	Per-chart override: enable just Grafana operator. OR'd with `tags.bundled-backends`.
tags.alertmanager	bool	`false`	Per-chart override: enable just Alertmanager. OR'd with `tags.bundled-backends`.
tags.kube-state-metrics	bool	`false`	Per-chart override: enable just kube-state-metrics. OR'd with `tags.cluster-metrics`.
tags.metrics-server	bool	`false`	Per-chart override: enable just metrics-server. OR'd with `tags.cluster-metrics`.
tags.prometheus-operator-crds	bool	`false`	Per-chart override: enable just the Prometheus Operator CRDs. OR'd with `tags.crds`.

Materialize Integration#

Materialize-specific configuration values.

Key	Type	Default	Description
materialize.namespaces	list	[]	Namespaces to scrape Materialize workloads from. Empty list means all namespaces the chart can read.
materialize.environmentLabel	string	`""`	Logical environment label applied to all scraped Materialize telemetry.
materialize.podMonitor.enabled	bool	`true`	Deploy a PodMonitor to collect Materialize metrics.
materialize.podMonitor.environmentdEndpoints	list	[ "/metrics/public" ]	Which endpoints to scrape on environmentd pods. Note that `/metrics/public` did not become available until v26.25. For earlier versions, you may wish to use `/metrics` instead.
materialize.deploymentMode	string	`"self-managed"`	Deployment mode normalization hint. One of: `self-managed`, `cloud`. Drives relabeling rules in the pipeline.

Pipeline configuration#

Pipeline configuration values that drive Alloy behavior and defaults.

The Alloy pipeline is the flagship deliverable of this chart. Pipeline configuration is expressed in values, rendered into ConfigMaps under templates/pipelines/, and consumed by the Alloy agent and gateway release instances.

Cardinality reduction configuration#

Configuration for cardinality reduction in Alloy gateway

Key	Type	Default	Description
pipeline.cardinalityReduction.enabled	bool	`true`	Whether the gateway applies cardinality-reduction relabeling before egress.
pipeline.cardinalityReduction.demoteLabels	list	[ "pod", "node", "zone", "region" ]	Labels demoted from metric labels to structured metadata (Loki) or dropped (Datadog/Prometheus remote-write). Default mirrors the Cloud team's policy.

Exporter configuration#

Configuration for exporters attached to the Alloy gateway

Key	Type	Default	Description
pipeline.exporters.prometheusRemoteWrite.enabled	bool	`false`	Enable Prometheus remote_write exporter on the gateway.
pipeline.exporters.prometheusRemoteWrite.endpoint	string	`""`	Prometheus-compatible remote_write endpoint URL.
pipeline.exporters.prometheusRemoteWrite.basicAuth.usernameSecret	object	{}	Secret reference for remote_write basic-auth username. `{name, key}` form.
pipeline.exporters.prometheusRemoteWrite.basicAuth.passwordSecret	object	{}	Secret reference for remote_write basic-auth password. `{name, key}` form.
pipeline.exporters.otlp.enabled	bool	`false`	Enable OTLP exporter on the gateway.
pipeline.exporters.otlp.endpoint	string	`""`	OTLP gRPC endpoint URL.
pipeline.exporters.bundled.enabled	bool	`false`	Enable export to the bundled Loki / Thanos backends. Implied when `profile=bundled-stack`.

Monitoring configurations#

Configuration for dashboards, rules, and alerts

Underlying content is generated into pre-rendered/ from the sources under packages/ and embedded via .Files.Get.

Key	Type	Default	Description
dashboards.config.grafana.enabled	bool	`true`	Install the bundled Grafana dashboards. Requires the Grafana operator or a writable Grafana instance.
dashboards.config.grafana.mode	string	`"operator"`	Grafana deployment mode, either "standalone" (the bundled Grafana chart) or "operator" (a separate Grafana Operator instance).
dashboards.config.grafana.manifest.resyncPeriod	string	`"5m"`	Time to sync the dashboard from the manifest
dashboards.config.grafana.manifest.instanceSelector	object	{}	Non-default label selector for a Grafana-operator Grafana instance
dashboards.config.grafana.manifest.apiTarget	string	`"dashboard.grafana.app/v2"`	Dashboard API Version (v2 or v2beta1)
dashboards.config.datadog.enabled	bool	`false`	Install the bundled Datadog dashboards. Requires Datadog API credentials configured out-of-band.
dashboards.selected	list	[ "env-*" ]	List of dashboard patterns to render

Rule configuration#

Configuration for rules

Key	Type	Default	Description
config.rules.prometheus.enabled	bool	`true`	Install the bundled Prometheus recording and alerting rules as PrometheusRule resources.
config.rules.loki.enabled	bool	`false`	Install the bundled Loki rules.
config.rules.thanos.enabled	bool	`false`	Install the bundled Thanos rules.

Alert configuration#

Configuration for alerts

Key	Type	Default	Description
config.alerts.enabled	bool	`true`	Install the bundled Alertmanager routing and templates.

Scraper configuration#

Configuration for scrapers

Key	Type	Default	Description
config.scrapers.enabled	bool	`true`	Install ServiceMonitors / Alloy scrape configs for Materialize and adjacent components.

Grafana connection configuration#

How to talk to a grafana instance

Key	Type	Default	Description
connections.grafana.mode	string	`"bundled"`	How this establishes its connection to Grafana. `bundled` means it uses the grafana provisioning chart.
connections.grafana.labels	object	{}	Labels applied to Grafana instance
connections.grafana.external.url	string	`""`	External grafana uri
connections.grafana.external.adminPassword	object	{}	Secret for Grafana admin password
connections.grafana.external.adminUser	object	{}	Secret for Grafana admin user
connections.grafana.external.apiKey	object	{}	Secret for Grafana API key

Bundled subchart configurations#

Configuration for bundled subcharts

Alloy Agent#

Alloy collector instance running close to scrape targets. Pre-egress shaping happens here.

Alloy Gateway#

Alloy gateway instance. Cardinality reduction and backend-specific egress happen here.

Loki#

Bundled Loki backend for logs.

Thanos#

Bundled Thanos backend for long-term metrics.

Key	Type	Default	Description
thanos.query	object	{ "enabled": true }	Thanos Query configuration. Query provides a PromQL query endpoint.
thanos.receive	object	{ "enabled": true, "mode": "standalone" }	Thanos receive configuration. Receive provides a Prometheus remote_write-compatible endpoint.
thanos.storegateway	object	{ "enabled": true }	Thanos Store Gateway configuration. Store Gateway provides historical block querying.
thanos.compactor	object	enabled with default retention policies	Thanos Compactor configuration. Compactor provides block compaction and downsampling.
thanos.compactor.retention	object	{ "resolution1h": "365d", "resolution5m": "90d", "resolutionRaw": "30d" }	Retention policies for Thanos Compactor downsampled data
thanos.queryFrontend	object	{ "enabled": false }	Thanos Query Frontend configuration. Query Frontend provides query parallelization and result caching. Only required for production.
thanos.ruler	object	{ "enabled": false }	Thanos Ruler configuration. Ruler provides alerting and recording rules evaluation.

Grafana Operator#

Bundled Grafana-operator for managing Grafana instances.

Upstream references:

Key	Type	Default	Description
grafana-operator.crds	object	{ "immutable": false }	CRD behavior

Grafana Instance#

Bundled Grafana for dashboard rendering.

Upstream reference:

https://github.com/grafana-community/helm-charts/blob/main/charts/grafana/values.yaml

Alertmanager#

Bundled Alertmanager for routing alerts emitted by the rule packages.

Kube State Metrics#

kube-state-metrics for Kubernetes resource-state metrics consumed by Materialize-adjacent dashboards.

Metrics Server#

metrics-server for pod and node resource usage; only needed when the cluster does not already ship one.

Key	Type	Default	Description
metrics-server.replicas	int	`1`	Number of replicas for metrics-server.

materialize-monitoring Helm Reference#