Clarification on authorization header for k8s service discovery i.e kubernetes_sd_configs
22 views
Skip to first unread message
learner
Aug 15, 2024, 2:48:53 PM8/15/24
to Prometheus Users
Hi All,
Need some clarification on authorization header for k8s service discovery i.e kubernetes_sd_configs?
Question 1:
why we need authorization header for the role endpoints i.e (- role: endpoints) but not pods i.e (- role: pod)?
More ref: https://github.com/prometheus/prometheus/blob/release-2.54/documentation/examples/prometheus-kubernetes.yml
Question 1:
why we need authorization header for the role endpoints i.e (- role: endpoints) but not pods i.e (- role: pod)?
More ref: https://github.com/prometheus/prometheus/blob/release-2.54/documentation/examples/prometheus-kubernetes.yml
Question 2:
As per doc, The discovery auth config is automatic if Prometheus runs inside the cluster. Otherwise, more config options have to be provided within the <kubernetes_sd_config?
That means it will use service account attached to prometheus pod for authentication with k8s api server?
Kind Regards,
Kavin
Reply all
Reply to author
Forward
0 new messages