Comments (1)
Hey, I've also noticed that the metrics only show when there is at least one Certificate resource in the cluster. Without any certificates, it shows this:
$ kubectl get --raw /api/v1/namespaces/cert-manager/services/cert-manager:9402/proxy/metrics
# HELP certmanager_clock_time_seconds DEPRECATED: use clock_time_seconds_gauge instead. The clock time given in seconds (from 1970/01/01 UTC).
# TYPE certmanager_clock_time_seconds counter
certmanager_clock_time_seconds 1.7114653e+09
# HELP certmanager_clock_time_seconds_gauge The clock time given in seconds (from 1970/01/01 UTC).
# TYPE certmanager_clock_time_seconds_gauge gauge
certmanager_clock_time_seconds_gauge 1.7114653e+09
# HELP certmanager_controller_sync_call_count The number of sync() calls made by a controller.
# TYPE certmanager_controller_sync_call_count counter
certmanager_controller_sync_call_count{controller="certificaterequests-approver"} 4
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-acme"} 4
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-ca"} 4
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-selfsigned"} 4
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-vault"} 4
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-venafi"} 4
certmanager_controller_sync_call_count{controller="certificates-issuing"} 4
certmanager_controller_sync_call_count{controller="certificates-key-manager"} 4
certmanager_controller_sync_call_count{controller="certificates-metrics"} 4
certmanager_controller_sync_call_count{controller="certificates-readiness"} 4
certmanager_controller_sync_call_count{controller="certificates-request-manager"} 4
certmanager_controller_sync_call_count{controller="certificates-revision-manager"} 4
certmanager_controller_sync_call_count{controller="certificates-trigger"} 4
certmanager_controller_sync_call_count{controller="clusterissuers"} 2
certmanager_controller_sync_call_count{controller="issuers"} 3
Then, I add one certificate:
kubectl apply -f - <<EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: test
spec:
secretName: test
issuerRef:
name: test
kind: Issuer
dnsNames:
- test
EOF
The metrics are now showing:
$ k get --raw /api/v1/namespaces/cert-manager/services/cert-manager:9402/proxy/metrics
# HELP certmanager_certificate_expiration_timestamp_seconds The date after which the certificate expires. Expressed as a Unix Epoch Time.
# TYPE certmanager_certificate_expiration_timestamp_seconds gauge
certmanager_certificate_expiration_timestamp_seconds{issuer_group="",issuer_kind="Issuer",issuer_name="test",name="test",namespace="default"} 0
# HELP certmanager_certificate_ready_status The ready status of the certificate.
# TYPE certmanager_certificate_ready_status gauge
certmanager_certificate_ready_status{condition="False",issuer_group="",issuer_kind="Issuer",issuer_name="test",name="test",namespace="default"} 1
certmanager_certificate_ready_status{condition="True",issuer_group="",issuer_kind="Issuer",issuer_name="test",name="test",namespace="default"} 0
certmanager_certificate_ready_status{condition="Unknown",issuer_group="",issuer_kind="Issuer",issuer_name="test",name="test",namespace="default"} 0
# HELP certmanager_certificate_renewal_timestamp_seconds The number of seconds before expiration time the certificate should renew.
# TYPE certmanager_certificate_renewal_timestamp_seconds gauge
certmanager_certificate_renewal_timestamp_seconds{issuer_group="",issuer_kind="Issuer",issuer_name="test",name="test",namespace="default"} 0
# HELP certmanager_clock_time_seconds DEPRECATED: use clock_time_seconds_gauge instead. The clock time given in seconds (from 1970/01/01 UTC).
# TYPE certmanager_clock_time_seconds counter
certmanager_clock_time_seconds 1.711465478e+09
# HELP certmanager_clock_time_seconds_gauge The clock time given in seconds (from 1970/01/01 UTC).
# TYPE certmanager_clock_time_seconds_gauge gauge
certmanager_clock_time_seconds_gauge 1.711465478e+09
# HELP certmanager_controller_sync_call_count The number of sync() calls made by a controller.
# TYPE certmanager_controller_sync_call_count counter
certmanager_controller_sync_call_count{controller="certificaterequests-approver"} 7
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-acme"} 7
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-ca"} 7
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-selfsigned"} 7
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-vault"} 7
certmanager_controller_sync_call_count{controller="certificaterequests-issuer-venafi"} 7
certmanager_controller_sync_call_count{controller="certificates-issuing"} 11
certmanager_controller_sync_call_count{controller="certificates-key-manager"} 9
certmanager_controller_sync_call_count{controller="certificates-metrics"} 8
certmanager_controller_sync_call_count{controller="certificates-readiness"} 12
certmanager_controller_sync_call_count{controller="certificates-request-manager"} 12
certmanager_controller_sync_call_count{controller="certificates-revision-manager"} 11
certmanager_controller_sync_call_count{controller="certificates-trigger"} 11
certmanager_controller_sync_call_count{controller="clusterissuers"} 2
certmanager_controller_sync_call_count{controller="issuers"} 3
from cert-manager.
Related Issues (20)
- Cert-manager fails with invalid x509 certificate error when running on istio HOT 8
- cainjector shows usages and non json output, if error appears HOT 2
- jks keystore in secret is removed when a secret is referenced by multiple certificates HOT 5
- Expose metrics for webhook and ca-injector
- When using a keystore.p12, we need to be able to specify the name for the alias HOT 1
- cert-manager-cainjector is looking for ca secret in wrong namespace? HOT 2
- Error nil pointer evaluating interface {}.enabled on Helm chart upgrade to 1.15.0 HOT 5
- Custom keystore filename when onboarding certificate. HOT 1
- nameOverride and fullnameOverride are missing from helm values.yaml HOT 1
- [Helm] add failurePolicy configuration to values.yaml HOT 2
- cert-manager randomly crashes with leader election lost HOT 2
- Challenge getting 404 instead of 200
- Job label in Helm chart of cert-manager shouldn't be templated from chart name HOT 2
- cert manager controller pod showing unknown flag: --cluster-resource-namespace HOT 3
- Support monitoring Traefik IngressRoutes (CRDs)
- CRDs not being installed since v1.15.0 HOT 5
- Vault issuer should retry on volatile errors HOT 3
- Add global image repository value to helm values to facilitate private repo and eiliminate need to maintain individual repo image paths
- Route53 Provider Assume Role Error - Missing Region HOT 1
- UI Toolings to help user create and manage certificates
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cert-manager.