Comments (8)
For reference, I was able to resolve the new 1.6 RBAC reqirements by giving it "god" mode
kubectl create clusterrolebinding add-on-cluster-admin-monitoring --clusterrole=cluster-admin --serviceaccount=monitoring:default
This is not a long term solution but it will work as a hack for now. Could you please provide a better "read-only" RBAC for 1.6?
from prometheus.
that command is new in kubectl 1.6.0
from prometheus.
FYI I also believe this issue is related to #48
from prometheus.
strange - I am getting:
Error: unknown flag: --clusterrole
from prometheus.
Boom - that was it. gcloud components update
is your friend. ;)
from prometheus.
we're also running into this. been debugging for 2 hours now. to me it seems it's just an issue with fish
?
because this works
curl -s --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt --header \"Authorization: Bearer \"(cat /var/run/secrets/kubernetes.io/serviceaccount/token) https://kubernetes.default.svc/api/v1/namespaces/monitoring/endpoints/grafana
but when i do:
set endpoints (curl -s --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt --header \"Authorization: Bearer \"(cat /var/run/secrets/kubernetes.io/serviceaccount/token) https://kubernetes.default.svc/api/v1/namespaces/monitoring/endpoints/grafana); echo $endpoints;
then $endpoints
is always empty.
never used fish before, any ideas?
from prometheus.
@chapati23 Try this command:
curl -sX GET -H "Authorization:bearer `cat /var/run/secrets/kubernetes.io/serviceaccount/token`" -k https://kubernetes.default/api/v1/namespaces/monitoring/endpoints/grafana
Change it in manifests-all.yaml
to
"command": ["fish", "-c", "echo \"waiting for endpoints...\"; while true; set endpoints (curl -sX GET -H \"Authorization:bearer `cat /var/run/secrets/kubernetes.io/serviceaccount/token`\" -k https://kubernetes.default/api/v1/namespaces/monitoring/endpoints/grafana); echo $endpoints | jq \".\"; if test (echo $endpoints | jq -r \".subsets[]?.addresses // [] | length\") -gt 0; exit 0; end; echo \"waiting...\";sleep 1; end"],
There is no need to set ca.crt
and if you do that will make an error.
from prometheus.
I wouldn't recommend getting in the habit of using -k
in actual checked-in manifests... skipping TLS verification at the same time you're sending a bearer token opens you to MITM attacks
from prometheus.
Related Issues (20)
- how to set grafana path prefix? HOT 2
- Alertmanager CrashLoopBackOff HOT 2
- grafana could not access promtheus when i deplyed node-exporter HOT 1
- all containers are names "io_kubernetes_container_name" HOT 2
- Cannot import new dashboard HOT 1
- Error when applying manifest HOT 4
- Deleted
- chown: changing ownership of '/var/lib/grafana': Operation not permitted HOT 3
- no grafana data older than 1 hour HOT 1
- kube-state-metrics-74f67b58d8-tv6zv | CrashLoopBackOff HOT 1
- grafana-import-dashboards Completed HOT 2
- Automatically monitor new service
- SMTP configuration not loading HOT 1
- Empty dashboards from time to time HOT 4
- Issue w/ Quick start instructions HOT 1
- node-directory-size-metrics eats up burst balance on aws HOT 2
- node-directory-size-metrics - high memory utilization HOT 1
- unable to recognize - no matches for kind "Deployment" in version "extensions/v1beta1" HOT 1
- - job_name: 'kubernetes-nodes' - not working
- Some error in log
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prometheus.