我在Kubernetes集群中使用Elastic Heartbeat
我试图设置谷歌云平台模块心跳,文档说:
metricbeat.modules:
- module: googlecloud
metricsets:
- compute
region: "us-"
project_id: "your project id"
credentials_file_path: "your JSON credentials file path"
exclude_labels: false
period: 1m
我尝试使用kubernetes secret,但是模块配置不允许这样做。只允许放置路径。
如何将此凭据放入我的心跳pod中?
谢谢!
解决!
我用我的凭证创建了一个秘密。
配置:
secret.yaml:
apiVersion: v1
kind: Secret
metadata:
name: credentials-secret
type: Opaque
stringData:
sa_json: |
{
"type": "service_account",
"project_id": "erased",
"private_key_id": "erased",
"private_key": "-----BEGIN PRIVATE KEY-----erased-----END PRIVATE KEY-----n",
"client_email": "erased",
"client_id": "erased",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/xxxxx.iam.gserviceaccount.com"
}
deployment.yaml:
---
volumeMounts:
- mountPath: /etc/gcp
name: service-account-credentials-volume
readOnly: true
---
---
---
volumes:
- name: service-account-credentials-volume
secret:
secretName: credentials-secret
items:
- key: sa_json
path: credentials.json