We are now using the CheckMk trial Cloud Edition 2.2.0p23 in order to experiment the prometheus integration with our Checkmk.
We have an prometheus endpoint on our openshift cluster and we can query it with service account to get metrics for example cpu usage pods for given namespace without openshift administor rights.
Is it possible to get these metrics with this prometheus integration using Cadvisor Scrape tagert ?
Now , we configured an prometheus rule and now we faced an 401 error and I don’t understand why .
For your information , the token has been added as well as the certificate.
Which steps and configurations that we might have forgotten ?
is there anyone in the same situation and who has achieved this type of integration ?
Because I don’t have openshift admin rights and we wanted to experiment since we have a prometheus endpoint.
Does it mean that the integration of checkmk with prometheus is not possible with a prometheus openshit endpoint without openshit integration?
I also tested with the openshift integration with an account service limited to only the pods in my namespace.
I found the following error that the account service must have rights to the openshift node.
Does this mean that only admin rights on OpenShift can integrate openshift with checkmk?
The problem is that we are in a hyper-segmented organization with a provider group and us as the customer.
We only have a view of our own namespaces and not of other namespaces on the same cluster.
The example is that we cannot create a namespace ourselves.
So the account service cannot work with the ClusterRole role.
Can’t the integration of checkmk with openshift work in this type of organization?
Do we need to have admin rights?
Your service account which will be used to query the information should atleast have a ClusterRole with those LIST/GET permissions to query those resources.
