Add instanceha metrics service#590
Conversation
|
Build failed (check pipeline). Post ❌ openstack-k8s-operators-content-provider FAILURE in 4m 40s |
lmiccini
force-pushed
the
add-instanceha-metrics-service
branch
from
f1a16b0 to
8029852
Compare
lmiccini
force-pushed
the
add-instanceha-metrics-service
branch
2 times, most recently
from
2b15596 to
81fbb18
Compare
- Add a Kubernetes Service exposing the InstanceHA Prometheus metrics endpoint, with labels for automatic discovery by the telemetry operator's ScrapeConfig. - Add MetricsTLS field (tls.SimpleService) to the InstanceHa API, allowing TLS certificate configuration for the metrics endpoint. - Mount TLS certificate secret into the deployment and pass cert/key paths via environment variables when MetricsTLS is enabled. - Validate the MetricsTLS secret in the controller with hash tracking for automatic pod rollout on certificate rotation. - Add field indexer for the metrics TLS secret so the controller reconciles on secret changes. - Update the Python health/metrics server to wrap the HTTP socket with TLS when certificate environment variables are present. - Add RBAC annotation for Services to the InstanceHA controller. - Add functional tests for the metrics Service creation. - Update documentation for Prometheus metrics integration. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
lmiccini
force-pushed
the
add-instanceha-metrics-service
branch
from
81fbb18 to
474cf86
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dciabrin, lmiccini The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-merge-bot
Bot
merged commit 48b751f
into
openstack-k8s-operators:main
2 participants
With this commit we add a Kubernetes Service exposing the InstanceHA metrics endpoint (port 8080/TCP) with labels "metrics: enabled" and "service: instanceha" for Prometheus scrapeconfig discovery by telemetry-operator.
We also add an optional MetricsTLS field (tls.SimpleService) to the InstanceHa API, allowing TLS certificate configuration for the metrics endpoint.
With openstack-k8s-operators/openstack-operator#1932 we automatically create the certificate from openstack-operator when podlevel tls is enabled, so the instanceha controller checks if this exists (and the user did not override it via MetricsTLS) and automatically sets the proper field/adds the volume etc.