76 lines
1.7 KiB
YAML
76 lines
1.7 KiB
YAML
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: prometheus-k8s
|
|
namespace: monitoring
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: prometheus
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["nodes", "services", "endpoints", "pods"]
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: [""]
|
|
resources: ["configmaps"]
|
|
verbs: ["get"]
|
|
- nonResourceURLs: ["/metrics"]
|
|
verbs: ["get"]
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: kube-state-metrics
|
|
namespace: monitoring
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: prometheus
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: prometheus
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: prometheus-k8s
|
|
namespace: monitoring
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: kube-state-metrics
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["nodes","pods","services","resourcequotas","replicationcontrollers","limitranges"]
|
|
verbs: ["list", "watch"]
|
|
- apiGroups: ["extensions"]
|
|
resources: ["daemonsets","deployments","replicasets"]
|
|
verbs: ["list", "watch"]
|
|
- apiGroups: ["batch/v1"]
|
|
resources: ["job"]
|
|
verbs: ["list", "watch"]
|
|
- apiGroups: ["v1"]
|
|
resources: ["persistentvolumeclaim"]
|
|
verbs: ["list", "watch"]
|
|
- apiGroups: ["apps"]
|
|
resources: ["statefulset"]
|
|
verbs: ["list", "watch"]
|
|
- apiGroups: ["batch/v2alpha1"]
|
|
resources: ["cronjob"]
|
|
verbs: ["list", "watch"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: kube-state-metrics
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: kube-state-metrics
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: kube-state-metrics
|
|
namespace: monitoring
|