$ oc -n stackrox patch svc/sensor -p '{"spec":{"ports":[{"name":"monitoring","port":9090,"protocol":"TCP","targetPort":9090}]}}' (1)
prometheus is an open-source monitoring and alerting platform. You can use it to monitor health and availability of Central and Sensor components of Red Hat Advanced Cluster Security for Kubernetes.
Before you can monitor Red Hat Advanced Cluster Security for Kubernetes, you must enable monitoring.
Patch the services to expose the port number 9090
.
Patch the Sensor service:
$ oc -n stackrox patch svc/sensor -p '{"spec":{"ports":[{"name":"monitoring","port":9090,"protocol":"TCP","targetPort":9090}]}}' (1)
1 | If you use Kubernetes, enter kubectl instead of oc . |
Patch the Central service:
$ oc -n stackrox patch svc/central -p '{"spec":{"ports":[{"name":"monitoring","port":9090,"protocol":"TCP","targetPort":9090}]}}'
Modify network policies to allow ingress.
$ oc apply -f - <<EOF (1)
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/name: stackrox
name: allow-monitoring
namespace: stackrox
spec:
ingress:
- ports:
- port: 9090
protocol: TCP
podSelector:
matchExpressions:
- {key: app, operator: In, values: [central, sensor, collector]}
policyTypes:
- Ingress
EOF
1 | If you use Kubernetes, enter kubectl instead of oc . |
To customize the port used for prometheus metrics in Red Hat Advanced Cluster Security for Kubernetes Central and Sensor, you can use the ROX_METRICS_PORT
environment variable.
Set the ROX_METRICS_PORT
environment variable:
$ oc -n stackrox set env deploy/central ROX_METRICS_PORT=<value> (1)
1 | If you use Kubernetes, enter kubectl instead of oc . |
You can specify the
|