$ oc label namespace cert-manager openshift.io/cluster-monitoring=true
You can expose controller metrics for the cert-manager Operator for Red Hat OpenShift in the format provided by the Prometheus Operator.
You can enable monitoring and metrics collection for the cert-manager Operator for Red Hat OpenShift by using a service monitor to perform the custom metrics scraping.
You have access to the cluster with cluster-admin
privileges.
The cert-manager Operator for Red Hat OpenShift is installed.
Add the label to enable cluster monitoring by running the following command:
$ oc label namespace cert-manager openshift.io/cluster-monitoring=true
Create a service monitor:
Create a YAML file that defines the Role
, RoleBinding
, and serviceMonitor
objects:
monitoring.yaml
fileapiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: prometheus-k8s
namespace: cert-manager
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- pods
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: prometheus-k8s
namespace: cert-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: prometheus-k8s
subjects:
- kind: serviceAccount
name: prometheus-k8s
namespace: openshift-monitoring
---
apiVersion: monitoring.coreos.com/v1
kind: serviceMonitor
metadata:
labels:
app: cert-manager
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
name: cert-manager
namespace: cert-manager
spec:
endpoints:
- interval: 30s
port: tcp-prometheus-servicemonitor
scheme: http
selector:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
Create the Role
, RoleBinding
, and serviceMonitor
objects by running the following command:
$ oc create -f monitoring.yaml
After you have enabled monitoring for the cert-manager Operator for Red Hat OpenShift, you can query its metrics by using the OpenShift Container Platform web console.
You have access to the cluster as a user with the cluster-admin
role.
You have installed the cert-manager Operator for Red Hat OpenShift.
You have enabled monitoring and metrics collection for the cert-manager Operator for Red Hat OpenShift.
From the OpenShift Container Platform web console, navigate to Observe → Metrics.
Add a query by using one of the following formats:
Specify the endpoints:
{instance="<endpoint>"} (1)
1 | Replace <endpoint> with the value of the endpoint for the cert-manager service. You can find the endpoint value by running the following command: oc describe service cert-manager -n cert-manager . |
Specify the tcp-prometheus-servicemonitor
port:
{endpoint="tcp-prometheus-servicemonitor"}