Image Overview: prometheus-alertmanager-fips

Overview: prometheus-alertmanager-fips Chainguard Image

Minimalist Wolfi-based image for Prometheus Alertmanager. Handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing to the correct receiver.

Download this Image

The image is available on

docker pull


For full instructions on prometheus-alertmanager, refer to the official documentation. The GitHub repository can also be found here.

Default config settings

The upstream docker image, overrides some of the default values for alertmanager, for example, see here. We replicate the same behaviour in the chainguard image to provide parity with the upstream image.


To deploy via helm, please refer to the upstream helm charts documentation for comprehensive instructions, which includes supported parameters.

Below is an example of how to use the helm chart, overriding the image with the chainguard image:

helm repo add prometheus-community
helm repo update

helm install prom-alertmanager prometheus-community/alertmanager \
 --set \
 --set image.tag=latest

The upstream helm chart provides some default config: values, but if you intend to deploy with additional configuration, i.e defining routes and receivers, you’ll need to create your own custom values.yaml and pass this into the chart at deployment.


Create config file

Before running the container, you’ll need to create a configuration file. This contains all the necessary configurations for Alertmanager, such as alerting routes, receivers, and integrations.

Refer to the official documentation for more information. Below is a simple example:

# Save this as 'alertmanager.yml')
  resolve_timeout: 11m
  group_by: ['alertname']
  group_wait: 10s
  group_interval: 10m
  repeat_interval: 1h
  - name: 'example-webhook'
    - url: ''

In order to ensure the ’nonroot’ container user can access the file when volume mounted (below step), ensure you’ve set read-only permissions:

chmod 400 alertmanager.ym

Run container

IMPORTANT: Prometheus looks for a file mounted as ‘alertmanager.yml’ (i.e not .yaml).

# TODO: Update '$(pwd)/alertmanager.yml' accordingly to reference your locally
# created config file.
docker run -p 9093:9093 \
  -v $(pwd)/alertmanager.yml:/etc/alertmanager/alertmanager.yml \
  --name alertmanager \

Verify that Alertmanager is running correctly by accessing http://localhost:9093 on your browser.

Last updated: 2024-04-11 12:38