Skip to content

GitLab

Unverified Commit 7dbebf3c authored by Thomas Montfort's avatar Thomas Montfort Committed by GitHub
Browse files

refactor: replace kube-rbac-proxy sidecar with controller-runtime... 

refactor: replace kube-rbac-proxy sidecar with controller-runtime WithAuthenticationAndAuthorization (#7045)
parent f1dbea4f
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 3 deletions
docs/kubernetes/api-reference.md
View file @ 7dbebf3c
...@@ -1926,7 +1926,7 @@ _Appears in:_ ...@@ -1926,7 +1926,7 @@ _Appears in:_
| --- | --- | --- | --- | | --- | --- | --- | --- |
| `bindAddress` _string_ | BindAddress is the address the server binds to | | | | `bindAddress` _string_ | BindAddress is the address the server binds to | | |
| `port` _integer_ | Port is the port the server listens on | | | | `port` _integer_ | Port is the port the server listens on | | |
| `secure` _boolean_ | Secure enables secure serving for the metrics endpoint | | | | `secure` _boolean_ | Secure enables secure serving for the metrics endpoint.<br />nil = default to true (secure by default). | | |
#### NamespaceConfiguration #### NamespaceConfiguration
...@@ -2076,7 +2076,7 @@ _Appears in:_ ...@@ -2076,7 +2076,7 @@ _Appears in:_
| Field | Description | Default | Validation | | Field | Description | Default | Validation |
| --- | --- | --- | --- | | --- | --- | --- | --- |
| `metrics` _[MetricsServer](#metricsserver)_ | Metrics server configuration | \{ bindAddress:127.0.0.1 port:8080 \} | | | `metrics` _[MetricsServer](#metricsserver)_ | Metrics server configuration | \{ bindAddress:0.0.0.0 port:8080 secure:true \} | |
| `healthProbe` _[Server](#server)_ | Health probe server configuration | \{ bindAddress:0.0.0.0 port:8081 \} | | | `healthProbe` _[Server](#server)_ | Health probe server configuration | \{ bindAddress:0.0.0.0 port:8081 \} | |
| `webhook` _[WebhookServer](#webhookserver)_ | Webhook server configuration | \{ certDir:/tmp/k8s-webhook-server/serving-certs host:0.0.0.0 port:9443 \} | | | `webhook` _[WebhookServer](#webhookserver)_ | Webhook server configuration | \{ certDir:/tmp/k8s-webhook-server/serving-certs host:0.0.0.0 port:9443 \} | |
......
docs/kubernetes/observability/operator-metrics.md
View file @ 7dbebf3c
...@@ -27,7 +27,7 @@ The operator metrics feature requires the same monitoring infrastructure as appl ...@@ -27,7 +27,7 @@ The operator metrics feature requires the same monitoring infrastructure as appl
Operator metrics are automatically collected via a ServiceMonitor, which is created by the Helm chart when `metricsService.enabled: true` (default). Operator metrics are automatically collected via a ServiceMonitor, which is created by the Helm chart when `metricsService.enabled: true` (default).
**Unlike application metrics** (which use PodMonitor), the operator uses ServiceMonitor and requires no manual RBAC configuration. The operator's kube-rbac-proxy sidecar is configured with `--ignore-paths=/metrics` to allow Prometheus access. **Unlike application metrics** (which use PodMonitor), the operator uses ServiceMonitor and requires no manual RBAC configuration. The operator's metrics endpoint uses controller-runtime's built-in `WithAuthenticationAndAuthorization` filter for secure serving.
To verify the ServiceMonitor is created: To verify the ServiceMonitor is created:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment