28 lines
1.2 KiB
YAML
28 lines
1.2 KiB
YAML
# Prometheus Monitor Service (Metrics)
|
|
apiVersion: monitoring.coreos.com/v1
|
|
kind: ServiceMonitor
|
|
metadata:
|
|
labels:
|
|
control-plane: controller-manager
|
|
app.kubernetes.io/name: new
|
|
app.kubernetes.io/managed-by: kustomize
|
|
name: controller-manager-metrics-monitor
|
|
namespace: system
|
|
spec:
|
|
endpoints:
|
|
- path: /metrics
|
|
port: https # Ensure this is the name of the port that exposes HTTPS metrics
|
|
scheme: https
|
|
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
|
tlsConfig:
|
|
# TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
|
|
# certificate verification, exposing the system to potential man-in-the-middle attacks.
|
|
# For production environments, it is recommended to use cert-manager for automatic TLS certificate management.
|
|
# To apply this configuration, enable cert-manager and use the patch located at config/prometheus/servicemonitor_tls_patch.yaml,
|
|
# which securely references the certificate from the 'metrics-server-cert' secret.
|
|
insecureSkipVerify: true
|
|
selector:
|
|
matchLabels:
|
|
control-plane: controller-manager
|
|
app.kubernetes.io/name: new
|