-
Notifications
You must be signed in to change notification settings - Fork 459
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create ServiceMonitor for operator metrics programmatically #3371
Conversation
...nifests/opentelemetry-operator-prometheus-rules_monitoring.coreos.com_v1_prometheusrule.yaml
Show resolved
Hide resolved
@iblancasa I tested the PR with operator deployed in non-standard namespaces and enabling the in-cluster monitoring by adding label openshift.io/cluster-monitoring="true". The metrics are scraped by the in-cluster monitoring as well as the targets are shown up for the servicemonitors that are created. We already have added test case to check the metrics exported by prometheus exporter and using the user workload monitoring stack. I'll add the operator monitoring as well to that test case and verify the metrics using the in-cluster monitoring stack. |
Thanks @IshwarKanse ! |
...openshift/manifests/opentelemetry-operator-prometheus_rbac.authorization.k8s.io_v1_role.yaml
Outdated
Show resolved
Hide resolved
tlsConfig = &monitoringv1.TLSConfig{ | ||
SafeTLSConfig: monitoringv1.SafeTLSConfig{ | ||
// kube-rbac-proxy uses a self-signed cert by default | ||
InsecureSkipVerify: &t, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we talked about this internally as a bug that we should not be using the InsecureSkipVerify
it is also not present here https://github.com/os-observability/konflux-opentelemetry/blob/main/bundle-patch/manifests/opentelemetry-operator-metrics-monitor_monitoring.coreos.com_v1_servicemonitor.yaml#L22
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you review the code, you will see this will be only executed if the ConfigMap containing the CA doesn´t exist. This covers non-OpenShift scenarios.
Signed-off-by: Israel Blancas <[email protected]>
Signed-off-by: Israel Blancas <[email protected]>
Signed-off-by: Israel Blancas <[email protected]>
@pavolloffay anything else? |
Link to tracking Issue(s):