-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extend metrics #38
Extend metrics #38
Conversation
e000e5a
to
93f5652
Compare
just align the helm charts too |
Changing the metrics port so this pod does not clash with MetalLB's HTTP port Signed-off-by: Ori Braunshtein <[email protected]>
Similarly to MetalLB we add some metrics regarding k8s updates. Also these register with the global controller-runtime metrics so we get some for free. Signed-off-by: Ori Braunshtein <[email protected]>
Signed-off-by: Ori Braunshtein <[email protected]>
Add a metric for the amount of prefixes received on a BGP session. Signed-off-by: Ori Braunshtein <[email protected]>
Signed-off-by: Ori Braunshtein <[email protected]>
Signed-off-by: Ori Braunshtein <[email protected]>
done |
@@ -188,7 +188,7 @@ spec: | |||
args: | |||
- "--node-name=$(NODE_NAME)" | |||
- "--namespace=$(NAMESPACE)" | |||
- "--metrics-bind-address=127.0.0.1:{{ .Values.prometheus.metricsPort }}" | |||
- "--metrics-bind-address=:{{ .Values.prometheus.metricsPort }}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think binding to 127.0.0.1 is better than listening on any
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I changed it here so it is aligned with the regular manifests and the code's default (when we generated the controller), do you think we should change it everywhere?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah I think this is better as the pod is hostnetworked adn we won't expose the port outside.
Since the pods are host-networked we should restrict the HTTP metrics endpoints to lo, allowing access from outside only to the HTTPs kube-rbac-proxy endpoints. Signed-off-by: Ori Braunshtein <[email protected]>
Now that the HTTP metrics endpoints listen only on lo we need to access them through the rbac-proxy endpoint when coming from outside (from the prometheus pod). Signed-off-by: Ori Braunshtein <[email protected]>
LGTM |
Depends on #33
this aligns the ports to not clash with MetalLB and adds some metrics