Simple application that accesses the Kubernetes metrics API and exports the pod metrics for Prometheus scraping.
The Metrics API is exposed by a deployed Metrics Server which is included in most managed clusters. It can also be deployed separately..
This services exports two metrics:
container_cpu_usage_corescontainer_mem_usage_bytes
Both metrics include the labels:
namespacepodcontainer
By default, Prometheus will rename the labels above to avoid conflicts with the same labels applied during export. As a result, the metric in Prometheus will appear as:
container_cpu_usage_cores{container="kube-metrics-exporter",endpoint="http",exported_container="grafana",exported_namespace="default",exported_pod="grafana-0",instance="10.40.1.109:8080",job="thanos-poc/monitor-metrics-http",namespace="default",pod="kube-metrics-exporter-6d9b8f978d-84x6q"}
# HELP container_cpu_usage_cores CPU cores used
# TYPE container_cpu_usage_cores gauge
container_cpu_usage_cores{container="grafana",namespace="default",pod="grafana-0"} 0.003
# HELP container_memory_usage_bytes memory used
# TYPE container_memory_usage_bytes gauge
container_memory_usage_bytes{container="grafana",namespace="default",pod="grafana-0"} 6.0362752e+08
-debug
enable debug logging (env DEBUG)
-http-binding string
binding of http listener for metrics export (env HTTP_BINDING) (default ":8080")
-ignore-namespaces value
when 'namespace' is empty, this lists namespaces to ignore (env IGNORE_NAMESPACES) (default kube-system)
-metrics-path string
http path for metrics export (env METRICS_PATH) (default "/metrics")
-namespace string
the namespace of the pods to collect (env NAMESPACE) (default "default")
The kube-metrics-exporter executable can be executed outside of Kubernetes cluster, in which case it will locate and use the kubernetes configuration from the standard location(s).
With a service account defined with the correct roles, as described below, the reporter can be deployed with a pod manifest such as the following to export metrics for pods in the same namespace:
metadata:
name: kube-metrics-exporter
labels:
app: kube-metrics-exporter
spec:
serviceAccountName: kube-metrics-monitor
containers:
- name: kube-metrics-exporter
image: itzg/kube-metrics-exporter
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespaceSince this application accesses the metrics API of the kubernetes API service, the pod will need to be assigned a service account with an appropriate role.
Service accounts must be present before the deployment, so either ensure the service account manifest is applied first or place the service account yaml documents before the deployment in the same manifest file.
The following shows how a service account could be declared:
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-metrics-monitor
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kube-metrics-monitor
rules:
- apiGroups: ["metrics.k8s.io"]
resources:
- pods
verbs: ["get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kube-metrics-monitor
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kube-metrics-monitor
subjects:
- kind: ServiceAccount
name: kube-metrics-monitor