mirrors/kube-prometheus
1
0
Fork 0
mirror of https://github.com/prometheus-operator/kube-prometheus.git synced 2025-11-03 09:31:01 +01:00
Code Issues Projects Releases Wiki Activity

secure scheduler/controller metrics ports, kubeadm discovery services

Browse Source
This commit is contained in:
tafkam 2020-07-25 18:27:17 +02:00
parent 40adbfae6c
commit 4410a80e4e
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
jsonnet/kube-prometheus/kube-prometheus-kubeadm.libsonnet
View File

@ -5,12 +5,12 @@ local servicePort = k.core.v1.service.mixin.spec.portsType;
{ {
prometheus+: { prometheus+: {
kubeControllerManagerPrometheusDiscoveryService: kubeControllerManagerPrometheusDiscoveryService:
service.new('kube-controller-manager-prometheus-discovery', { component: 'kube-controller-manager' }, servicePort.newNamed('http-metrics', 10252, 10252)) + service.new('kube-controller-manager-prometheus-discovery', { component: 'kube-controller-manager' }, servicePort.newNamed('http-metrics', 10257, 10257)) +
service.mixin.metadata.withNamespace('kube-system') + service.mixin.metadata.withNamespace('kube-system') +
service.mixin.metadata.withLabels({ 'k8s-app': 'kube-controller-manager' }) + service.mixin.metadata.withLabels({ 'k8s-app': 'kube-controller-manager' }) +
service.mixin.spec.withClusterIp('None'), service.mixin.spec.withClusterIp('None'),
kubeSchedulerPrometheusDiscoveryService: kubeSchedulerPrometheusDiscoveryService:
service.new('kube-scheduler-prometheus-discovery', { component: 'kube-scheduler' }, servicePort.newNamed('http-metrics', 10251, 10251)) + service.new('kube-scheduler-prometheus-discovery', { component: 'kube-scheduler' }, servicePort.newNamed('http-metrics', 10259, 10259)) +
service.mixin.metadata.withNamespace('kube-system') + service.mixin.metadata.withNamespace('kube-system') +
service.mixin.metadata.withLabels({ 'k8s-app': 'kube-scheduler' }) + service.mixin.metadata.withLabels({ 'k8s-app': 'kube-scheduler' }) +
service.mixin.spec.withClusterIp('None'), service.mixin.spec.withClusterIp('None'),

10
jsonnet/kube-prometheus/prometheus/prometheus.libsonnet
View File

@ -248,6 +248,11 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
{ {
port: 'http-metrics', port: 'http-metrics',
interval: '30s', interval: '30s',
scheme: "https",
bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token",
tlsConfig: {
insecureSkipVerify: true
}
}, },
], ],
selector: { selector: {
@ -349,6 +354,11 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
{ {
port: 'http-metrics', port: 'http-metrics',
interval: '30s', interval: '30s',
scheme: "https",
bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token",
tlsConfig: {
insecureSkipVerify: true
},
metricRelabelings: (import 'kube-prometheus/dropping-deprecated-metrics-relabelings.libsonnet') + [ metricRelabelings: (import 'kube-prometheus/dropping-deprecated-metrics-relabelings.libsonnet') + [
{ {
sourceLabels: ['__name__'], sourceLabels: ['__name__'],