堆栈内存溢出
  简体   繁体   English

是否可以在没有 RBAC 的情况下从 prometheus 获取 pod 指标?

[英]Is it possible to get pod metrics from prometheus without RBAC?

 原文  2022-06-28 08:13:52       kubernetes/ prometheus/ prometheus-alertmanager/ prometheus-operator

问题描述

I have a Kubernetes namespace with limited privileges which excludes the creation of ClusterRole and ClusterRoleBinding .我有一个 Kubernetes 命名空间,其权限有限,不包括ClusterRoleClusterRoleBinding的创建。 I want to monitor the resource consumption and pod-related metrics on the namespace level.我想在命名空间级别监控资源消耗和 pod 相关指标。

Eg, pod health and status, new pod creation, pod restarts, etc.例如,pod 健康和状态、新 pod 创建、pod 重启等。

Although I can create an application-level metrics endpoint for custom metrics by exposing /metrics and adding the annotation prometheus.io/scrape: 'true' .尽管我可以通过公开/metrics并添加注释prometheus.io/scrape: 'true'来为自定义指标创建应用程序级指标端点。

But is there a way to get resource consumption and pod-related metrics on the namespace level without Cluster Role and ClusterRoleBinding ?但是有没有办法在没有Cluster RoleClusterRoleBinding的情况下在命名空间级别获取resource consumption and pod-related metrics

1 个解决方案

解决方案1
 0 已采纳  2022-08-05 16:14:42

It is possible to get namespace level entities from kube-state-metrics.可以从 kube-state-metrics 获取命名空间级别的实体。

  1. Pull the helm chart for kube-state-metrics: https://bitnami.com/stack/kube-state-metrics/helm拉取kube-state-metrics的helm图表: https://bitnami.com/stack/kube-state-metrics/helm

  2. Edit the values.yaml file and make the following changes:编辑 values.yaml 文件并进行以下更改:

     rbac: create: false useClusterRole: false collectors: - configmaps - cronjobs - daemonsets - deployments - endpoints - horizontalpodautoscalers - ingresses - jobs - limitranges - networkpolicies - poddisruptionbudgets - pods - replicasets - resourcequotas - services - statefulsets namespace: <current-namespace>

  3. In the prometheus ConfigMap, add a job with the following configurations:在 prometheus ConfigMap 中,添加一个具有以下配置的作业:

     - job_name: 'kube-state-metrics' scrape_interval: 1s scrape_timeout: 500ms static_configs: - targets: ['{{.Values.kube_state_metrics.service.name }}:8080']

  4. Create a role binding:创建角色绑定:

     apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: kube-state-metrics namespace: <current-namespace> roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: view subjects: - kind: ServiceAccount name: kube-state-metrics namespace: <current-namespace>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从 Kube State Metrics 中提取指标时如何在 Prometheus 中获取 Pod 的标签 - How to get a pod's labels in Prometheus when pulling the metrics from Kube State Metrics Prometheus 不收集 pod 指标 - Prometheus is not collecting pod metrics 带有 pod 标签的 Prometheus kubelet 指标 - Prometheus kubelet metrics with pod labels 将 pod 指标拉取到外部 prometheus - Pull pod metrics to external prometheus 具有Pometheus的自定义指标的水平Pod Autoscaler和百分位数的CPU使用率 - Horizontal Pod Autoscaler with custom metrics from Prometheus with percentiles for CPU usage 在 Grafana 中显示来自 Prometheus 最后抓取的 Kubernetes Pod 的指标 - Show metrics in Grafana from the Kubernetes Pod that was scraped last by Prometheus 从同一个 Kubernetes pod 中的两个端点抓取 Prometheus 指标 - Scrape Prometheus metrics from two endpoints in the same Kubernetes pod 配置 prometheus 以从 dockerized nodejs pod 收集自定义指标 - Configure prometheus to collect custom metrics from dockerized nodejs pod 是否可以将指标发送给普罗米修斯? - Is it possible to send metrics to prometheus? 使用Mac的Docker从Pod获取指标 - Get metrics from pod with docker for mac
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM