确保etcd已经开启/metrics如下:
curl --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key https://192.168.0.54:2379/metrics -k | more
创建证书的secret资源
kubectl -n istio-system create secret generic etcd-certs --from-file=/etc/kubernetes/pki/etcd/server.crt --from-file=/etc/kubernetes/pki/etcd/server.key挂载证书如下:
volumeMounts:- mountPath: /etc/secretname: secret-volume -----此部分volumes:- name: secret-volumesecret:secretName: etcd-certs ------此部分- hostPath:path: /usr/share/zoneinfo/Asia/Shanghaitype: ''name: timezone- configMap:defaultMode: 420name: prometheusname: config-volume- emptyDir: {}name: storage-volume
最后配置prometheus.yaml配置文件
- job_name: 'etcd'scheme: httpstls_config:cert_file: '/etc/secret/server.crt'key_file: '/etc/secret/server.key'insecure_skip_verify: truestatic_configs:- targets: - '192.168.0.33:2379'
集群模式。添加IP即可
重启prometheus 生效
