disabled kube-rbac-proxy to fix the issue for scraping the operator m…

…etrics see more detail in issue operator-framework/operator-sdk#4764 Signed-off-by: Abdul Hameed <[email protected]>
redhatHameed · Apr 11, 2022 · 6d6b48c · 6d6b48c
1 parent 4b3251a
commit 6d6b48c
Show file tree

Hide file tree

Showing 7 changed files with 55 additions and 4 deletions.
diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
@@ -22,13 +22,14 @@ bases:
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
 #- ../certmanager
 # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
-#- ../prometheus
+- ../prometheus
 
 patchesStrategicMerge:
 # Protect the /metrics endpoint by putting it behind auth.
 # If you want your controller-manager to expose the /metrics
 # endpoint w/o any authn/z, please comment the following line.
-- manager_auth_proxy_patch.yaml
+#- manager_auth_proxy_patch.yaml
+- manager_insecure_patch.yaml
 
 # Mount the controller config file for loading manager configurations
 # through a ComponentConfig type

diff --git a/config/default/manager_insecure_patch.yaml b/config/default/manager_insecure_patch.yaml
@@ -0,0 +1,18 @@
+# This patch updates the manager for insecure /metrics scraping
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+        - name: manager
+          args:
+            - "--health-probe-bind-address=:8081"
+            - "--metrics-bind-address=:8080"
+            - "--leader-elect"
+          ports:
+            - name: http
+              containerPort: 8080
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
@@ -33,6 +33,7 @@ spec:
         - --leader-elect
         - --log-level=INFO
         image: controller:latest
+        imagePullPolicy: Always
         name: manager
         imagePullPolicy: Always
         securityContext:

diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml
@@ -20,7 +20,7 @@ patchesJson6902:
     # Remove the manager container's "cert" volumeMount, since OLM will create and mount a set of certs.
     # Update the indices in this path if adding or removing containers/volumeMounts in the manager's Deployment.
     - op: remove
-      path: /spec/template/spec/containers/1/volumeMounts/0
+      path: /spec/template/spec/containers/0/volumeMounts/0
     # Remove the "cert" volume, since OLM will create and mount a set of certs.
     # Update the indices in this path if adding or removing volumes in the manager's Deployment.
     - op: remove

diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml
@@ -1,2 +1,2 @@
 resources:
-- monitor.yaml
+- monitor_insecure.yaml
diff --git a/config/prometheus/monitor_insecure.yaml b/config/prometheus/monitor_insecure.yaml
@@ -0,0 +1,17 @@
+# Prometheus Monitor Service (Metrics)
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    control-plane: controller-manager
+  name: controller-manager-metrics-monitor
+  namespace: system
+spec:
+  endpoints:
+    - path: /metrics
+      port: http
+      scheme: http
+      interval: 30s
+  selector:
+    matchLabels:
+      control-plane: controller-manager
diff --git a/config/rbac/service_insecure.yaml b/config/rbac/service_insecure.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    control-plane: controller-manager
+  name: controller-manager-metrics-service
+  namespace: system
+spec:
+  ports:
+    - name: http
+      port: 8080
+      targetPort: http
+  selector:
+    control-plane: controller-manager