diff --git a/CHANGES.md b/CHANGES.md index 64b7f17c5..a2eba4c45 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -10,6 +10,10 @@ Notable changes between versions. * Add `disk_iops` variable for EBS volume IOPS ([#314](https://github.com/poseidon/typhoon/pull/314)) +#### Addons + +* Configure Heapster to scrape Kubelets with bearer token auth ([#323](https://github.com/poseidon/typhoon/pull/323)) + ## v1.12.1 * Kubernetes [v1.12.1](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1121) diff --git a/addons/heapster/cluster-role-binding.yaml b/addons/heapster/cluster-role-binding.yaml index 9ae16e6d5..6a36f0809 100644 --- a/addons/heapster/cluster-role-binding.yaml +++ b/addons/heapster/cluster-role-binding.yaml @@ -5,7 +5,7 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: system:heapster + name: heapster subjects: - kind: ServiceAccount name: heapster diff --git a/addons/heapster/cluster-role.yaml b/addons/heapster/cluster-role.yaml new file mode 100644 index 000000000..7f4ac13f7 --- /dev/null +++ b/addons/heapster/cluster-role.yaml @@ -0,0 +1,30 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: heapster +rules: +- apiGroups: + - "" + resources: + - events + - namespaces + - nodes + - pods + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - deployments + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes/stats + verbs: + - get diff --git a/addons/heapster/deployment.yaml b/addons/heapster/deployment.yaml index 82adcd08f..3e1424d30 100644 --- a/addons/heapster/deployment.yaml +++ b/addons/heapster/deployment.yaml @@ -23,7 +23,7 @@ spec: image: k8s.gcr.io/heapster-amd64:v1.5.4 command: - /heapster - - --source=kubernetes.summary_api:'' + - --source=kubernetes.summary_api:''?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250&insecure=true livenessProbe: httpGet: path: /healthz