How to use k8s secret resource for endpoints service.
k8s resoure yaml:
apiVersion: v1
kind: Secret
metadata:
name: myservice-secret
data:
cert-chain.pem:
key.pem:
root-cert.pem:
---
apiVersion: v1
kind: Service
metadata:
labels:
run: myservice
annotations:
prometheus.io/port: "443"
prometheus.io/scrape: "true"
name: myservice
spec:
ports:
- port: 443
protocol: TCP
targetPort: 443
type: ClusterIP
prometheus config file:
scrape_configs:
- job_name: kubernetes_endpoints
honor_timestamps: true
scrape_interval: 30s
scrape_timeout: 15s
metrics_path: /metrics
scheme: http
kubernetes_sd_configs:
- api_server: https://my.k8s.server:443
role: endpoints
tls_config:
ca_file: /data/certs/ca.pem
cert_file: /data/certs/admin/admin.pem
key_file: /data/certs/admin/admin-key.pem
insecure_skip_verify: false
tls_config:
ca_file: *how to use myservice-secret*
cert_file: *how to use myservice-secret*
key_file: *how to use myservice-secret*
insecure_skip_verify: false
relabel_configs:
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
separator: ;
regex: "true"
replacement: $1
action: keep
--
You received this message because you are subscribed to the Google Groups
"Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/prometheus-users/7b0894e2-8b8d-4103-b805-68d6b95b9793o%40googlegroups.com.
