0

I have an kubernetes cluster running. I want to monitor this with kube-state-metrics. This is all installed and when port forwarding the metrics are visible on my local pc.

I have prometheus running on a seperate ubuntu server. How do I expose the kube-state-metrics to the prometheus server. Is there a save way to expose the metrics without desturbing any other applications and comprimising safety?

jasper sikkema
  • 21
  • 1
  • 5
  • I would highly recommend installing prometheus inside the cluster itself so that you can take advantage of its k8s autodiscovery features. See this project for a complete out of the box stack: https://github.com/prometheus-operator/kube-prometheus – jordanm Apr 14 '22 at 14:55
  • Thank you for you response. Is there a way to link the in cluster prometheus to the one outside the cluster because there is a lot more being monitored by my prometheus instance. I also already have grafana running outside the cluster so I do not need that on the cluster as well. – jasper sikkema Apr 14 '22 at 15:15
  • Yes, you can configure a federation of clusters: https://prometheus.io/docs/prometheus/latest/federation/. Alternatively, you can setup a grafana instance with multiple prometheus sources. – jordanm Apr 14 '22 at 15:18
  • So I can setup my grafana instance so it can get the information from the oncluster prometheus? But then I would need to expose the in cluster prometheus? How do I expose prometheus to the grafana instance? – jasper sikkema Apr 14 '22 at 15:26
  • The most common way to expose services to outside of your cluster is to use an ingress. If you are using kube-prometheus, ingress setup docs are found here: https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/customizations/exposing-prometheus-alertmanager-grafana-ingress.md – jordanm Apr 14 '22 at 17:34
  • You could use the API server's port forward feature to connect to kube state metric's container port without exposing any data to unauthorized users. – whites11 Apr 15 '22 at 08:21
  • Thanks for the input! Is that a viable option for a production environment? Also when port forwarding is it still possible to use the command line? – jasper sikkema Apr 15 '22 at 09:41

0 Answers0