Skip to content

jenting/secure-metrics-server

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
secure-metrics-server.sh
secure-metrics-server.sh
 
 

Repository files navigation

Secure metrics server

Official metrics-server deploys onto Kubernetes is insecure.

This repo provides a way to generate metrics-server server certificate and key by Kubernetes CA. Then, deploys metrics-server in secure.

Prerequisite

Demo

KIND

  1. Clone upstream metrics-server manifests.

    At here, we clone the current latest metrics-server tag v0.4.1, you could switch to your preferred metrics-server release version.

    git clone -b v0.4.1 git@github.com:kubernetes-sigs/metrics-server.git
cd metrics-server/manifests
git clone git@github.com:jenting/secure-metrics-server.git
cd secure-metrics-server

  2. Copy the Kubernetes CA certificate from remote machine to local machine.

    NODE_NAME=`kind get nodes`
CONTAINER_ID=`docker ps --filter "name=$NODE_NAME" -q`
docker cp $CONTAINER_ID:/etc/kubernetes/pki/ca.crt kubernetes-ca.crt

  3. Run generate secure metrics-server patch manifests.

    ./secure-metrics-server.sh

  4. Apply the kustomization.yaml file

    cd ../
kustomize build secure-metrics-server | kubectl apply -f -

  5. Check the metrics-server bahavior

    kubectl top nodes
kubectl top pods

About

Deploy Kubernetes metrics-server in secure

Topics

kubernetes metrics-server

Resources

Readme

License

Apache-2.0 license
Activity

Stars

11 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages