mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-25 07:09:34 +01:00
cbef202eec
* Kubernetes v1.22.0 disabled kube-controller-manager insecure port, which was used internally for Prometheus metrics scraping * Configure Prometheus to discover and scrape endpoints for kube-scheduler and kube-controller-manager via the authenticated https ports, via bearer token * Change firewall ports to allow Prometheus (on worker nodes) to scrape kube-scheduler and kube-controller-manager targets that run on controller(s) with hostNetwork * Disable the insecure port on kube-scheduler
17 lines
327 B
YAML
17 lines
327 B
YAML
# Allow Prometheus to discover service endpoints
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: kube-controller-manager
|
|
namespace: kube-system
|
|
spec:
|
|
type: ClusterIP
|
|
clusterIP: None
|
|
selector:
|
|
k8s-app: kube-controller-manager
|
|
ports:
|
|
- name: metrics
|
|
protocol: TCP
|
|
port: 10257
|
|
targetPort: 10257
|