From 3de486de44b1b53522d9da2edbb32b23f4e05a37 Mon Sep 17 00:00:00 2001 From: Duciwuci <duciwuci@gmail.com> Date: Tue, 15 Oct 2024 11:33:26 +0200 Subject: [PATCH] set insecure_skip_verify to true for cadvisor and kubelet job Since Prometheus Targets are all down due to gardener#9716 in Gardener v1.96, we need to set insecure_skip_verify to true on cadvisor & kubelet scrape config. Since this is a hotfix, it can be dropped whenever we have a long term solution. --- .../prometheus/cache/assets/scrapeconfigs/cadvisor.yaml | 2 +- .../prometheus/cache/assets/scrapeconfigs/kubelet.yaml | 2 +- .../monitoring/prometheus/cache/scrapeconfigs_test.go | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/cadvisor.yaml b/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/cadvisor.yaml index 1a4bed9a2a7..634f0e2396a 100644 --- a/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/cadvisor.yaml +++ b/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/cadvisor.yaml @@ -6,7 +6,7 @@ metrics_path: /metrics/cadvisor tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: {{.IsManagedSeed}} + insecure_skip_verify: true bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token kubernetes_sd_configs: diff --git a/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/kubelet.yaml b/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/kubelet.yaml index 8a901530729..b984c74240c 100644 --- a/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/kubelet.yaml +++ b/pkg/component/observability/monitoring/prometheus/cache/assets/scrapeconfigs/kubelet.yaml @@ -4,7 +4,7 @@ scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: {{.IsManagedSeed}} + insecure_skip_verify: true bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token kubernetes_sd_configs: diff --git a/pkg/component/observability/monitoring/prometheus/cache/scrapeconfigs_test.go b/pkg/component/observability/monitoring/prometheus/cache/scrapeconfigs_test.go index 86f5fa66dcf..8c935992cd5 100644 --- a/pkg/component/observability/monitoring/prometheus/cache/scrapeconfigs_test.go +++ b/pkg/component/observability/monitoring/prometheus/cache/scrapeconfigs_test.go @@ -122,7 +122,7 @@ metrics_path: /metrics/cadvisor tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: false + insecure_skip_verify: true bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token kubernetes_sd_configs: @@ -183,7 +183,7 @@ scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: false + insecure_skip_verify: true bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token kubernetes_sd_configs: