From 599fafd2aa989ea49f23935954356916bdea201d Mon Sep 17 00:00:00 2001
From: William Stewart <zoidbergwill@gmail.com>
Date: Thu, 21 Jul 2016 15:45:42 +0200
Subject: [PATCH] Add node job

---
 .../examples/prometheus-kubernetes.yml        | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/documentation/examples/prometheus-kubernetes.yml b/documentation/examples/prometheus-kubernetes.yml
index 1a5150096..e6ef4ebb0 100644
--- a/documentation/examples/prometheus-kubernetes.yml
+++ b/documentation/examples/prometheus-kubernetes.yml
@@ -34,6 +34,33 @@ scrape_configs:
     in_cluster: true
     role: apiserver
 
+- job_name: 'kubernetes-nodes'
+
+  # Default to scraping over https. If required, just disable this or change to
+  # `http`.
+  scheme: https
+
+  # This TLS & bearer token file config is used to connect to the actual scrape
+  # endpoints for cluster components. This is separate to discovery auth
+  # configuration (`in_cluster` below) because discovery & scraping are two
+  # separate concerns in Prometheus.
+  tls_config:
+    ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+    # If your node certificates are self-signed or use a different CA to the
+    # master CA, then disable certificate verification below. Note that
+    # certificate verification is an integral part of a secure infrastructure
+    # so this should only be disabled in a controlled environment. You can
+    # disable certificate verification by uncommenting the line below.
+    #
+    # insecure_skip_verify: true
+  bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+
+  kubernetes_sd_configs:
+  - api_servers:
+    - 'https://kubernetes.default.svc'
+    in_cluster: true
+    role: node
+
   relabel_configs:
   - source_labels: [__meta_kubernetes_role]
     action: keep