diff --git a/k3s-overrides.jsonnet b/k3s-overrides.jsonnet index 3b917d3..b95f660 100644 --- a/k3s-overrides.jsonnet +++ b/k3s-overrides.jsonnet @@ -100,12 +100,12 @@ local vars = import 'vars.jsonnet'; ports: [{ name: 'http-main', port: 8080, - targetPort: 'http' + targetPort: '8080' }, { name: 'http-self', port: 8081, - targetPort: 'http' + targetPort: '8081' }] } }, diff --git a/main.jsonnet b/main.jsonnet index 25bb626..8621058 100644 --- a/main.jsonnet +++ b/main.jsonnet @@ -14,7 +14,7 @@ local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + (import 'kube-prometheus/kube-prometheus-kops-coredns.libsonnet') + (import 'kube-prometheus/kube-prometheus-kubeadm.libsonnet') // Use http Kubelet targets. Comment to revert to https - + (import 'kube-prometheus/kube-prometheus-insecure-kubelet.libsonnet') + + join_objects([m for m in [import 'kube-prometheus/kube-prometheus-insecure-kubelet.libsonnet'] if vars.k3s == false]) + (import 'smtp_server.jsonnet') // Additional modules are loaded dynamically from vars.jsonnet + join_objects([module.file for module in vars.modules if module.enabled]) diff --git a/manifests/kube-state-metrics-service.yaml b/manifests/kube-state-metrics-service.yaml index 13b158b..7b0ca4a 100644 --- a/manifests/kube-state-metrics-service.yaml +++ b/manifests/kube-state-metrics-service.yaml @@ -10,9 +10,9 @@ spec: ports: - name: http-main port: 8080 - targetPort: http + targetPort: "8080" - name: http-self port: 8081 - targetPort: http + targetPort: "8081" selector: app: kube-state-metrics diff --git a/manifests/prometheus-serviceMonitorKubelet.yaml b/manifests/prometheus-serviceMonitorKubelet.yaml index 71b95a5..91da377 100644 --- a/manifests/prometheus-serviceMonitorKubelet.yaml +++ b/manifests/prometheus-serviceMonitorKubelet.yaml @@ -8,15 +8,25 @@ metadata: spec: endpoints: - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + honorLabels: true interval: 30s - port: http-metrics - scheme: http + port: https-metrics + scheme: https + tlsConfig: + insecureSkipVerify: true - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token honorLabels: true interval: 30s + metricRelabelings: + - action: drop + regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s) + sourceLabels: + - __name__ path: /metrics/cadvisor - port: http-metrics - scheme: http + port: https-metrics + scheme: https + tlsConfig: + insecureSkipVerify: true jobLabel: k8s-app namespaceSelector: matchNames: