Hi All, Currently Prometheus needs ClusterRole and ClusterRoleBinding for scrapping the metrics on Kubernetes. We want to restrict the prometheus to a particular namespace. So we changed RBAC to using Role and RoleBinding and in the Prometheus configuration we added namespaces to kubernetes_sd_configs section. we see that we are able to scrape metrics from the configured namespace, but continuously seeing the errors saying access forbidden to *v1.Pod etc. Currently my cluster is down. will share the exact error once it is available.
Following is the Prometheus configuration:
- job_name: 'kubernetes-apiservers'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ['admin']
Please let me know whether we can do with Role and RoleBinding?
Thanks n Regards,
Chalapathi.
--
You received this message because you are subscribed to the Google Groups
"Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/prometheus-users/CABXnQPvSq3-45%2B-2%2BWUctibx6UZKJK%2Bdwfj31zMeGCU%2BcX-vhA%40mail.gmail.com.
<<attachment: cpro-rbac.zip>>
