Lab 7.1 - Create Namespace & ClusterRole

Create a Namespace & ClusterRole

First, we will create a Kubernetes namespace for all our monitoring components. If you don’t create a dedicated namespace, all the Prometheus Kubernetes deployment objects get deployed on the default namespace.

Execute the following command to create a new namespace named monitoring:

kubectl create namespace monitoring

Prometheus uses Kubernetes APIs to read all the available metrics from Nodes, Pods, Deployments, etc. For this reason, we need to create an RBAC policy with read access to required API groups and bind the policy to the monitoring namespace.

1. Create a file named clusterRole.yaml and copy the following RBAC role:

vim clusterRole.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: prometheus
rules:
- apiGroups: [""]
  resources:
  - nodes
  - nodes/proxy
  - services
  - endpoints
  - pods
  verbs: ["get", "list", "watch"]
- apiGroups:
  - extensions
  resources:
  - ingresses
  verbs: ["get", "list", "watch"]
- nonResourceURLs: ["/metrics"]
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus
subjects:
- kind: ServiceAccount
  name: default
  namespace: monitoring

2. Create the role using the following command:

kubectl create -f clusterRole.yaml

Kubernetes Monitoring (K9-MON)

Modul 1

Changelog Course

Modul 2

Introduction

Modul 3

Kubernetes Architecture

Modul 4

Kubernetes installation and Configuration

Modul 5

Volumes and Data

Modul 6

Kubernetes Service

Modul 7

Kubernetes Monitoring

Modul 8

Prometheus Fundamentals

Modul 9

PromQL

Modul 10

Node Exporter

Modul 11

Kube State Metrics & Alert Manager

Modul 12

Grafana

Modul 13

Prometheus Operator