堆栈内存溢出
  简体   繁体   English

Kubernetes 集群外的 Prometheus

[英]Prometheus Outside Kubernetes Cluster

 原文  2018-05-29 14:37:59       kubernetes/ prometheus

问题描述

I'm trying to configure Prometheus outside Kubernetes Cluster.我正在尝试在 Kubernetes 集群之外配置 Prometheus。

Below is my Prometheus config.下面是我的 Prometheus 配置。

- job_name: 'kubernetes-apiservers'
  kubernetes_sd_configs:
  - role: endpoints
    api_server: https://10.0.4.155:6443
  scheme: https
  tls_config:
    insecure_skip_verify: true
  basic_auth:
      username: kube
      password: Superkube01
  relabel_configs:
  - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
    action: keep
    regex: default;kubernetes;https

These is how it looks:这是它的外观:

root@master01:~# kubectl cluster-info 
Kubernetes master is running at https://10.0.4.155:6443

root@master01:~# kubectl get endpoints 
NAME                 ENDPOINTS                                         AGE
kubernetes           10.0.4.103:6443,10.0.4.138:6443,10.0.4.155:6443   11h
netchecker-service   10.2.0.10:8081                                    11h
root@master01:~#

But, when starting Prometheus, i'm getting below error.但是,在启动 Prometheus 时,我遇到了以下错误。

level=error ts=2018-05-29T13:55:08.171451623Z caller=main.go:216 component=k8s_client_runtime err="github.com/prometheus/prometheus/discovery/kubernetes/kubernetes.go:270: Failed to list *v1.Pod: Get https://10.0.4.155:6443/api/v1/pods?resourceVersion=0: x509: certificate signed by unknown authority"

Could anyone please tell me, what wrong i'm doing here?谁能告诉我,我在这里做错了什么?

Thanks, Pavanasam R谢谢,帕瓦纳萨姆 R

3 个解决方案

解决方案1
 0  2018-05-29 15:40:06

The error indicates that Prometheus is using a different certificate to sign its metric collection request than the one expected by your apiserver.该错误表明 Prometheus 正在使用与您的 apiserver 预期的证书不同的证书来签署其指标收集请求。

You really need to format your code in a code block so we can see the yaml formatting.您确实需要在代码块中格式化您的代码,以便我们可以看到 yaml 格式。 kubernetes_sd_configs seems to be the wrong home for insecure_skip_verify and basic_auth according to this link .根据此链接, kubernetes_sd_configs似乎是insecure_skip_verifybasic_auth的错误主页。 Might want to move them and try scraping again.可能想要移动它们并再次尝试抓取。

解决方案2
 0  2019-03-03 07:27:50

As of now your insecure_skip_verify is a part of kubernetes_sd_configs:.截至目前,您的 insecure_skip_verify 是 kubernetes_sd_configs: 的一部分。 Add it in api_server context as well.也将它添加到 api_server 上下文中。

kubernetes_sd_configs:
- api_server: https://<ip>:6443
  role: node
  bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
  tls_config:
    insecure_skip_verify: true

解决方案3
 0  2020-09-30 17:31:58

in order to access kubernetes api endpoint you need to authenticate the client either through basic_auth, bearer_token, tls_config .为了访问 kubernetes api 端点,您需要通过basic_auth、bearer_token、tls_config对客户端进行身份验证。 please go through this , it will be helpful.请通过这个,它会有所帮助。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 k8集群外使用prometheus监控Kubernetes集群 - Monitoring Kubernetes cluster using prometheus outside the k8 cluster 如何在 kubernetes 集群外将 metrics-server 抓取到 prometheus - How to scrape metrics-server to prometheus outside kubernetes cluster Prometheus - Kubernetes 集群指标 - Prometheus - Kubernetes cluster metrics 将 Prometheus 和 Kubewatch 与 Kubernetes 集群同步 - Syncing Prometheus and Kubewatch with Kubernetes Cluster 使用Istio的Kubernetes集群中的Prometheus - Prometheus in Kubernetes cluster using Istio 如何在kubernetes集群上集成Prometheus? - how to integrate prometheus on kubernetes cluster? 将 prometheus 数据暴露在集群外 - Expose prometheus data outside the cluster 使用 Prometheus 从其他 Kubernetes 集群监控 Kubernetes 集群 - Monitor Kubernetes Cluster from other Kubernetes cluster with Prometheus 使用 Istio 在 Kubernetes 集群上访问 Prometheus GUI - Access Prometheus GUI on Kubernetes Cluster with Istio 如何将 Docker 中的 Prometheus 连接到 Kubernetes 集群? - How to connect Prometheus in Docker to a Kubernetes cluster?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM