-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
inputs.prometheus require cluster level permissions even when scoped to a namespace #12780
Comments
@redbaron have you looked into what might be required to reduce the permissions? It does look like the readme example expected cluster level permissions as you point out. |
Hello, we're facing the same issue where we need to scrape pods but don't have permissions in our cluster to create ClusterRoles. |
Uh, It was very hard for me to setup the environment, but I think I manage to do it in the end. The good news is the fix is working! With only Role and RoleBinding (as opposed to ClusterRole and ClusterRoleBining) I was able to scrape Pods from the namespace specified in Thank you @Ivaylogi98 for the fix! |
@skrech thank you for taking the time to confirm! |
Relevant telegraf.conf
Logs from Telegraf
System info
1.25.1
Docker
No response
Steps to reproduce
Grant kubernetes service account used to run telegraf followig role (important, NOT cluster role)
Run telegraf with config from the above in the namespace
ns1
Expected behavior
Scrapes metrics successfully
Actual behavior
Unable to list pods
Additional info
No response
The text was updated successfully, but these errors were encountered: