easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kube-prometheus: Allow skipping etcd TLS errors

Browse Source
This commit is contained in:
Frederic Branczyk
2018-08-06 21:16:59 +02:00
parent 159eb05497
commit a559123a2b
2 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
examples/etcd-skip-verify.jsonnet Normal file
View File

@@ -0,0 +1,22 @@
local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
(import 'kube-prometheus/kube-prometheus-static-etcd.libsonnet') + {
_config+:: {
namespace: 'monitoring',
etcd+:: {
ips: ['127.0.0.1'],
clientCA: importstr 'etcd-client-ca.crt',
clientKey: importstr 'etcd-client.key',
clientCert: importstr 'etcd-client.crt',
insecureSkipVerify: true,
},
},
};
{ ['00namespace-' + name]: kp.kubePrometheus[name] for name in std.objectFields(kp.kubePrometheus) } +
{ ['0prometheus-operator-' + name]: kp.prometheusOperator[name] for name in std.objectFields(kp.prometheusOperator) } +
{ ['node-exporter-' + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } +
{ ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } +
{ ['alertmanager-' + name]: kp.alertmanager[name] for name in std.objectFields(kp.alertmanager) } +
{ ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } +
{ ['grafana-' + name]: kp.grafana[name] for name in std.objectFields(kp.grafana) }

4
jsonnet/kube-prometheus/kube-prometheus-static-etcd.libsonnet
View File

@@ -8,6 +8,7 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
clientKey: null, clientKey: null,
clientCert: null, clientCert: null,
serverName: null, serverName: null,
insecureSkipVerify: null,
}, },
}, },
prometheus+:: { prometheus+:: {
@@ -65,7 +66,8 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
caFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client-ca.crt', caFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client-ca.crt',
keyFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.key', keyFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.key',
certFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.crt', certFile: '/etc/prometheus/secrets/kube-etcd-client-certs/etcd-client.crt',
serverName: $._config.etcd.serverName, [if $._config.etcd.serverName != null then 'serverName']: $._config.etcd.serverName,
[if $._config.etcd.insecureSkipVerify != null then 'insecureSkipVerify']: $._config.etcd.insecureSkipVerify,
}, },
}, },
], ],