openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-07 09:46:53 +01:00
Code Issues Releases Activity
Files
b861fb8d1fe02da170cbb977e5f74d9d1d76384c
openshift-docs/modules/cert-manager-enable-metrics.adoc
Shubha Narayanan 823dd13937 Added Role and RoleBinding objects
2024-01-18 12:40:16 +00:00

91 lines
2.1 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * security/cert_manager_operator/cert-manager-monitoring.adoc
:_mod-docs-content-type: PROCEDURE
[id="cert-manager-enable-metrics_{context}"]
= Enabling monitoring by using a service monitor for the {cert-manager-operator}
You can enable monitoring and metrics collection for the {cert-manager-operator} by using a service monitor to perform the custom metrics scraping.
.Prerequisites
* You have access to the cluster with `cluster-admin` privileges.
* The {cert-manager-operator} is installed.
.Procedure
. Add the label to enable cluster monitoring by running the following command:
+
[source,terminal]
----
$ oc label namespace cert-manager openshift.io/cluster-monitoring=true
----
. Create a service monitor:
.. Create a YAML file that defines the `Role`, `RoleBinding`, and `ServiceMonitor` objects:
+
.Example `monitoring.yaml` file
[source,yaml]
----
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: prometheus-k8s
namespace: cert-manager
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- pods
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: prometheus-k8s
namespace: cert-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: prometheus-k8s
subjects:
- kind: ServiceAccount
name: prometheus-k8s
namespace: openshift-monitoring
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
app: cert-manager
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
name: cert-manager
namespace: cert-manager
spec:
endpoints:
- interval: 30s
port: tcp-prometheus-servicemonitor
scheme: http
selector:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
----
.. Create the `Role`, `RoleBinding`, and `ServiceMonitor` objects by running the following command:
+
[source,terminal]
----
$ oc create -f monitoring.yaml
----
View Git Blame Copy Permalink