CadolesKube/typhoon
7
0
Fork 0
mirror of https://github.com/puppetmaster/typhoon.git synced 2025-07-30 06:11:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Configure Prometheus to scrape Kubelets directly

Browse Source 
* Use Kubelet bearer token authn/authz to scrape metrics
* Drop RBAC permission from nodes/proxy to nodes/metrics
* Stop proxying kubelet scrapes through the apiserver, since
this required higher privilege (nodes/proxy) and can add
load to the apiserver on large clusters
This commit is contained in:
Dalton Hubble
2018-05-13 23:49:45 -07:00
parent 37981f9fb1
commit c2b719dc75
7 changed files with 40 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
addons/prometheus/rbac/cluster-role.yaml
View File

@ -6,7 +6,7 @@ rules:
- apiGroups: [""]
resources:
- nodes
- nodes/proxy
- nodes/metrics
- services
- endpoints
- pods