Skip to content
This repository has been archived by the owner on May 16, 2023. It is now read-only.

Commit

Permalink
Merge pull request #471 from ChrsMark/patch-2
Browse files Browse the repository at this point in the history
Make use of secure port when accessing Kubelet API
  • Loading branch information
jmlrt authored Apr 3, 2020
2 parents e7ed45d + 2aed960 commit a03b78e
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 2 deletions.
8 changes: 7 additions & 1 deletion metricbeat/examples/security/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,13 @@ metricbeatConfig:
- volume
period: 10s
host: "${NODE_NAME}"
hosts: ["${NODE_NAME}:10255"]
hosts: ["https://${NODE_NAME}:10250"]
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
ssl.verification_mode: "none"
# If using Red Hat OpenShift remove ssl.verification_mode entry and
# uncomment these settings:
#ssl.certificate_authorities:
#- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
processors:
- add_kubernetes_metadata:
in_cluster: true
Expand Down
9 changes: 8 additions & 1 deletion metricbeat/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,13 @@ metricbeatConfig:
- volume
period: 10s
host: "${NODE_NAME}"
hosts: ["${NODE_NAME}:10255"]
hosts: ["https://${NODE_NAME}:10250"]
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
ssl.verification_mode: "none"
# If using Red Hat OpenShift remove ssl.verification_mode entry and
# uncomment these settings:
#ssl.certificate_authorities:
#- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
processors:
- add_kubernetes_metadata:
in_cluster: true
Expand Down Expand Up @@ -145,6 +151,7 @@ clusterRoleRules:
- events
- deployments
- nodes
- nodes/stats
- replicasets
verbs:
- get
Expand Down

0 comments on commit a03b78e

Please sign in to comment.