-
Notifications
You must be signed in to change notification settings - Fork 5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[kube-prometheus-stack] support kubelet endpoint slices #4899
base: main
Are you sure you want to change the base?
[kube-prometheus-stack] support kubelet endpoint slices #4899
Conversation
Signed-off-by: drfaust92 <[email protected]>
@@ -103,7 +103,10 @@ rules: | |||
- endpointslices | |||
verbs: | |||
- get | |||
- create |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ideally we can use the kubeletEndpointsEnabled
and kubeletEndpointSliceEnabled
to toggle granting these permissions. will let reviewer decide. i can add this logic if needed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The toggle would cover only write permissions, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, I think all of the endpointslice permissions. unelss there is a reason not to (I dont see one)
Signed-off-by: drfaust92 <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Reading discussion upstream and it seems kinda useful for larger clusters. I as understand, OpenShift toggle the default to endpointslices. WDYT about? We can also leave the upstream defaults.
@@ -63,6 +63,12 @@ spec: | |||
- --kubelet-selector={{ .Values.prometheusOperator.kubeletService.selector }} | |||
{{- end }} | |||
{{- end }} | |||
{{- if .Values.prometheusOperator.kubeletEndpointsEnabled }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if in combination with an boolean might be mis-leading.
Since --kubelet-endpoints=
is set to true by default, I set the value to false
keep the flag still to true, because --kubelet-endpoints=false
would be omit.
not sure, if
{{- if (print .Values.prometheusOperator.kubeletEndpointsEnabled) }}
would help here, since it converts the value to a string and "false"
is still true-ish, I guess?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point, maybe just omit the ifs entirely and go by the values.yaml values?
@@ -103,7 +103,10 @@ rules: | |||
- endpointslices | |||
verbs: | |||
- get | |||
- create |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The toggle would cover only write permissions, right?
jkroepke I think (assume) to leave it same as upstream for the "common" case. |
What this PR does / why we need it
Which issue this PR fixes
(optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close that issue when PR gets merged)Special notes for your reviewer
Based one upstream prometheus-operator/prometheus-operator#6882
Checklist
[prometheus-couchdb-exporter]
)