easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding docs on adding k-p to kops cluster on aws

Browse Source
This commit is contained in:
Duncan McNaught
2017-02-23 13:52:00 -07:00
parent dee7f834fb
commit 0858b2f7f1
2 changed files with 46 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -133,3 +133,5 @@ kube-system kube-controller-manager-prometheus-discovery 10.2.30.2:10252
kube-system kube-scheduler-prometheus-discovery 10.2.30.4:10251 1h kube-system kube-scheduler-prometheus-discovery 10.2.30.4:10251 1h
monitoring etcd-k8s 172.17.4.51:2379 1h monitoring etcd-k8s 172.17.4.51:2379 1h
``` ```
###[LINK: Install Docs for a cluster created with KOPS on AWS](docs/KOPSonAWS.md)

44
docs/KOPSonAWS.md Normal file
View File

@@ -0,0 +1,44 @@
# Adding kube-prometheus to [KOPS](https://github.com/kubernetes/kops) on AWS 1.5.x
## Prerequisites
A running Kubernetes cluster created with [KOPS](https://github.com/kubernetes/kops).
These instructions have currently been tested with **topology=public** on AWS with KOPS 1.5.1 and Kubernetes 1.5.x
## Open AWS Security Groups:
1. Open port 9100 on the masters security group to the nodes security group
1. Open ports 10250-10252 on the masters security group to the nodes security group.
Example script below requires $AWS\_DEFAULT_PROFILE and [$NAME](https://github.com/kubernetes/kops/blob/master/docs/aws.md#prepare-local-environment)
```bash
MASTER_SG=$(aws --profile ${AWS_DEFAULT_PROFILE} ec2 describe-security-groups --filters "Name=tag:Name,Values=masters.$NAME" --query "SecurityGroups[*].GroupId[]" --output=text)
NODES_SG=$(aws --profile ${AWS_DEFAULT_PROFILE} ec2 describe-security-groups --filters "Name=tag:Name,Values=nodes.$NAME" --query "SecurityGroups[*].GroupId[]" --output=text)
aws --profile ${AWS_DEFAULT_PROFILE} ec2 authorize-security-group-ingress --group-id $MASTER_SG --protocol tcp --port 9100 --source-group $NODES_SG
aws --profile ${AWS_DEFAULT_PROFILE} ec2 authorize-security-group-ingress --group-id $MASTER_SG --protocol tcp --port 10250-10252 --source-group $NODES_SG
```
## Adding kube-prometheus
Following the instructions in the [README](https://github.com/coreos/kube-prometheus/blob/master/README.md):
Example:
```bash
git clone -b master https://github.com/coreos/kube-prometheus.git kube-prometheus-temp;
cd kube-prometheus-temp
./hack/cluster-monitoring/deploy
kubectl -n kube-system create -f manifests/k8s/self-hosted/
cd -
rm -rf kube-prometheus-temp
```
This currently leads to a [certificate error on the kube-apiserver scrape](https://github.com/coreos/kube-prometheus/issues/35). Looks to be fixed by [PR33](https://github.com/coreos/kube-prometheus/pull/33)
To create a config without this alert and error, you can deploy without the kube-apiserver spec:
```bash
kubectl -n kube-system create -f manifests/k8s/self-hosted/kube-controller-manager.yaml
kubectl -n kube-system create -f manifests/k8s/self-hosted/kube-dns.yaml
kubectl -n kube-system create -f manifests/k8s/self-hosted/kube-scheduler.yaml
```