monitor kuberntes cluster which created using kops with prometheus running on different vpc

2/2/2018

I created a kubernetes cluster on aws using kops so it created the certificates on its own. so next is to add kubernetes api server in prometheus configuration. I used the below prometheus configuration.

 - role: node
  api_server: 'https://example.com'
  basic_auth:
    username: 'username'
    password: 'password'
  tls_config:
    ca_file: '/opt/prometheus-2.1.0.linux-amd64/ca.crt'
    server_name: kubernetes

It's adding the targets in prometheus but prometheus unable to scrap the targets with the below error.

Get https://x.x.x.x:10250/metrics: x509: cannot validate certificate for x.x.x.x because it doesn't contain any IP SANs

eventhough i added server_name: kubernetes in the above configuration. I took kubernetes from the certficate.

openssl x509 -text -noout -in ca.crt

It has below contents. Subject: CN=kubernetes

-- vinodh kumar Basavani
kops
kubernetes
prometheus
prometheus-operator

0 Answers