Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Metricbeat] Access Kubernetes metrics from somewhere other than the read-only kublet port #10937

Closed
dpankros opened this issue Feb 25, 2019 · 5 comments
Closed

[Metricbeat] Access Kubernetes metrics from somewhere other than the read-only kublet port #10937

dpankros opened this issue Feb 25, 2019 · 5 comments
Assignees
@odacremolbap
Labels
containers Related to containers use case Metricbeat Metricbeat Team:Integrations Label for the Integrations team

Comments

@dpankros
Copy link

Currently, it appears that metricbeat fetches metrics for kubernetes from the read-only http-metrics port (10255). Using this port is now deprecated. Kubernetes metrics need to be fetched through some other mechanism in the near future.

To make matters worse, the AWS EKS AMI has dropped support for the readonly port in recent versions. Out of the box, metricbeat no longer works on EKS without doing some custom work to the kubelet on the node. We upgraded recently to gain the benefit of other fixes implemented in the recent AMIs (like logrotate) and now we don't see any pod metrics.

This is somewhere between a bug and an enhancement.
@ruflin ruflin added Metricbeat Metricbeat containers Related to containers use case Team:Integrations Label for the Integrations team labels Mar 13, 2019
@odacremolbap
Copy link
Contributor

Hi @dpankros ,

metricbeats do not enforce the read only kubelet port, you can use the commented settings here

https://www.elastic.co/guide/en/beats/metricbeat/current/metricbeat-module-kubernetes.html#_example_configuration_17

if executing as a daemonset something like this should work on a regular kubernete cluster

    - module: kubernetes
      metricsets:
        - node
        - system
        - pod
        - container
        - volume
      period: 10s
      host: ${NODE_NAME}
      hosts: ["https://${NODE_NAME}:10250"]
      enabled: true
      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
      ssl.verification_mode: none
      ssl.certificate_authorities:
        - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt

@odacremolbap
Copy link
Contributor

@dpankros we will be closing this because of inactivity, if the comment above didn't solve the issue, please re-open

@salt-mountain
Copy link

@odacremolbap Hopefully this comment is not too much of a resurrection, but I have a question regarding the page and what you posted. Those seem to be the instructions for running metricbeat as a pod within the cluster.

But what about the correct configuration for running it outside of the cluster? Simply using in_cluster: false and specifying the kube_config doesn't seem to cut it. There obviously is now nothing listening to on the port specified in the documentation.

@Crazybus Crazybus mentioned this issue Sep 30, 2019
Closed
@PhaedrusTheGreek
Copy link
Contributor

In master we have changed this to use the secured port by default. I'm wondering if it would be worthwhile to backport this at least to 7.6. Those three lines tested working for me under 7.5.

@jlind23
Copy link
Collaborator

jlind23 commented Apr 1, 2022

Backlog grooming: Closing it for now until further activity, can still be reopened if needed.

@jlind23 jlind23 closed this as completed Apr 1, 2022
@zube zube bot removed the [zube]: Done label Jun 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@odacremolbap odacremolbap

Labels
containers Related to containers use case Metricbeat Metricbeat Team:Integrations Label for the Integrations team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@ruflin @andresrc @PhaedrusTheGreek @dpankros @odacremolbap @alvarolobato @jlind23 @salt-mountain