New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1811834: Sync jsonnet dependencies #722
Changes from all commits
23fde35
9817e6d
4130a3d
9b3c2b4
7134248
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Large diffs are not rendered by default.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -87,3 +87,15 @@ rules: | |
- get | ||
- list | ||
- watch | ||
- apiGroups: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Do we know why this was added for prometheus-operator in kube-prom, can't seem to find it in the prometheus-operator repo itself? https://github.com/coreos/prometheus-operator/blob/master/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml should this be updated there? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Without those kube-rbac-proxy didn't work and metrics couldn't be scraped. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. okay that explains that, thanks! |
||
- authentication.k8s.io | ||
resources: | ||
- tokenreviews | ||
verbs: | ||
- create | ||
- apiGroups: | ||
- authorization.k8s.io | ||
resources: | ||
- subjectaccessreviews | ||
verbs: | ||
- create |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,8 +9,13 @@ metadata: | |
namespace: openshift-monitoring | ||
spec: | ||
endpoints: | ||
- honorLabels: true | ||
port: http | ||
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why do we have 2 endpoint entries? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Good catch! Fixing. |
||
honorLabels: true | ||
port: https | ||
scheme: https | ||
tlsConfig: | ||
caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt | ||
serverName: server-name-replaced-at-runtime | ||
selector: | ||
matchLabels: | ||
app.kubernetes.io/component: controller | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't need the job label selector here, like we had for ClockSkewDetected?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That metric comes only from node_exporter which is deployed as DaemonSet, so I don't see why we would need it.