From 14d0604aba95c7bb434f3a7687f7903bbe4fd81f Mon Sep 17 00:00:00 2001 From: Jorrit Salverda Date: Tue, 9 May 2017 13:57:49 +0200 Subject: [PATCH] Kubernetes config scrape node via api proxy (#2641) * scrape kubelet metrics via api node proxy * add manifests to setup serviceaccount, clusterrole and clusterrolebinding to work with rbac * removed .cluster.local and added newline to address comments --- .../examples/prometheus-kubernetes.yml | 6 ++++ documentation/examples/rbac-setup.yml | 34 +++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 documentation/examples/rbac-setup.yml diff --git a/documentation/examples/prometheus-kubernetes.yml b/documentation/examples/prometheus-kubernetes.yml index 50834ec72..8ddcdb12e 100644 --- a/documentation/examples/prometheus-kubernetes.yml +++ b/documentation/examples/prometheus-kubernetes.yml @@ -76,6 +76,12 @@ scrape_configs: relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) + - target_label: __address__ + replacement: kubernetes.default.svc:443 + - source_labels: [__meta_kubernetes_node_name] + regex: (.+) + target_label: __metrics_path__ + replacement: /api/v1/nodes/${1}/proxy/metrics # Scrape config for service endpoints. # diff --git a/documentation/examples/rbac-setup.yml b/documentation/examples/rbac-setup.yml new file mode 100644 index 000000000..8efed4ca1 --- /dev/null +++ b/documentation/examples/rbac-setup.yml @@ -0,0 +1,34 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: prometheus +rules: +- apiGroups: [""] + resources: + - nodes + - nodes/proxy + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: prometheus + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: prometheus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus +subjects: +- kind: ServiceAccount + name: prometheus + namespace: default