The Operator exposes metrics in the Prometheus format for each controller. They are available at the standard /metrics path over the HTTPS port 8443.
The metrics are protected by kube-rbac-proxy. This allows providing RBAC-based access to the metrics within the Kubernetes cluster.
The Operator exposes all metrics provided by the controller-runtime by default. The full list you can find on the Kubebuilder documentation.
How metrics are scraped will depend on how you operate your Prometheus server. The below example assumes that the Prometheus Operator is being used to run Prometheus.
If the Operator is deployed with helm, a Kubernetes Cluster IP service resource is created. This service should be used as a target for Prometheus. The service name builds by the following template: {{ .Release.Name }}-controller-manager-metrics-service
Below is an example of the Prometheus Operator ConfigMap to scrape metrics from the Operator Helm release named tfc-operator:
apiVersion: v1
data:
...
prometheus.yml: |
...
- job_name: tfc-operator
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
scheme: https
scrape_interval: 1m
scrape_timeout: 10s
static_configs:
- targets:
- tfc-operator-controller-manager-metrics-service:8443
tls_config:
insecure_skip_verify: true