Is it possible to use this exporter to monitor PEM files within each pod? #188

Reyzorcat · 2023-09-16T02:04:00Z

Is it possible to use this exporter to monitor PEM files within each pod?
As far as I understand from the documentation, PEM files can only be monitored locally from the exporter pod itself or from the host using a daemonset. I would like to be able to monitor files within each cluster pod

npdgm · 2023-09-18T12:17:56Z

Hi,
The only good option would be to run the exporter as a sidecar in each Pod having PEM files. Mounting the volume with certificates for each container, or using an emptyDir ephemeral volume if PEM files are created at runtime only.
Then you could scrape the sidecar with a PodMonitor for example.
Other users have been wanting to do this with a DaemonSet mounting the whole kubelet directory, and a globbing pattern that could look for *.pem in every container overlayfs. It makes me a bit nauseous, I would not recommend that at all.
Cheers

Reyzorcat · 2023-09-20T08:51:22Z

Thanks for reply. For now i choose to create separated pod with exporter and mount all certs from secrets to it. Maybe not the best solution, but the simplest

npdgm self-assigned this Sep 18, 2023

npdgm added the usage label Sep 18, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Is it possible to use this exporter to monitor PEM files within each pod? #188

Is it possible to use this exporter to monitor PEM files within each pod? #188

Reyzorcat commented Sep 16, 2023

npdgm commented Sep 18, 2023

Reyzorcat commented Sep 20, 2023

Is it possible to use this exporter to monitor PEM files within each pod? #188

Is it possible to use this exporter to monitor PEM files within each pod? #188

Comments

Reyzorcat commented Sep 16, 2023

npdgm commented Sep 18, 2023

Reyzorcat commented Sep 20, 2023