Does cert-exporter work with kubeadm clusters?

joe-elliott / cert-exporter

A Prometheus exporter that publishes cert expirations on disk and in Kubernetes secrets

Apache License 2.0

316 stars 87 forks source link

Does cert-exporter work with kubeadm clusters? #84

Open Evantage-WS opened 3 years ago

Evantage-WS commented 3 years ago

Hello,

Does the cert-exporter work with kubeadm clusters? The config for kube-proxy is in a configmap which is mounted in kube-proxy pod, so it is unclear how to check the certs from kube-proxy.

Kind regards, WS

joe-elliott commented 3 years ago

I can't say I know exactly what the configmaps in a kubeadm cluster looks like, but it's possible that cert-exporter as is can read these certs and expose their expirations.

Perhaps you can mount the same configmaps in a cert-exporter pod and have it parse the certs that way? cert-exporter could be extended to check configmaps directly I suppose but it currently is unable to.

Evantage-WS commented 3 years ago

Ok, thanks, unfortunally there is no reference to a cert in the kube-proxy pod.