确保etcd已经开启/metrics如下:
curl --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key https://192.168.0.54:2379/metrics -k | more
创建证书的secret资源
kubectl -n istio-system create secret generic etcd-certs --from-file=/etc/kubernetes/pki/etcd/server.crt --from-file=/etc/kubernetes/pki/etcd/server.key
挂载证书如下:
volumeMounts:
- mountPath: /etc/secret
name: secret-volume -----此部分
volumes:
- name: secret-volume
secret:
secretName: etcd-certs ------此部分
- hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
type: ''
name: timezone
- configMap:
defaultMode: 420
name: prometheus
name: config-volume
- emptyDir: {}
name: storage-volume
最后配置prometheus.yaml配置文件
- job_name: 'etcd'
scheme: https
tls_config:
cert_file: '/etc/secret/server.crt'
key_file: '/etc/secret/server.key'
insecure_skip_verify: true
static_configs:
- targets:
- '192.168.0.33:2379'
集群模式。添加IP即可
重启prometheus 生效
