Hi All, Currently Prometheus needs ClusterRole and ClusterRoleBinding for scrapping the metrics on Kubernetes. We want to restrict the prometheus to a particular namespace. So we changed RBAC to using Role and RoleBinding and in the Prometheus configuration we added namespaces to kubernetes_sd_configs section. we see that we are able to scrape metrics from the configured namespace, but continuously seeing the errors saying access forbidden to *v1.Pod etc. Currently my cluster is down. will share the exact error once it is available.
Following is the Prometheus configuration:
- job_name: 'kubernetes-apiservers'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ['admin']
Please let me know whether we can do with Role and RoleBinding?
Thanks n Regards,
Chalapathi.
--
You received this message because you are subscribed to the Google Groups
"Prometheus Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to prometheus-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/prometheus-developers/CABXnQPvSq3-45%2B-2%2BWUctibx6UZKJK%2Bdwfj31zMeGCU%2BcX-vhA%40mail.gmail.com.
<<attachment: cpro-rbac.zip>>
