Introduction
Monitoring and alerting are crucial aspects of managing Kubernetes clusters. Prometheus is a powerful open-source monitoring and alerting toolkit that is widely used in Kubernetes environments. This guide explains how to successfully install Prometheus on MicroK8s and solve the common TLS certificate issue that may arise during the process.Prerequisites
- A working MicroK8s installation. Install MicroK8s
- Helm package manager installed. Install Helm
- Basic knowledge of Kubernetes and command-line tools. Learn More
Resolving TLS Certificate Issues in MicroK8s
Before installing Prometheus, you may encounter the following error:
Error: INSTALLATION FAILED: Kubernetes cluster unreachable: Get "https://<cluster-ip>:16443/version": tls: failed to verify certificate: x509: certificate signed by unknown authority
-
Copy the MicroK8s CA Certificate:
sudo cp /var/snap/microk8s/current/certs/ca.crt /usr/local/share/ca-certificates/ -
Update the System Certificates:
sudo update-ca-certificates
You should see an output indicating that the certificate has been added:
Updating certificates in /etc/ssl/certs...
1 added, 0 removed; done.
microk8s config > ~/.kube/configHaving followed these steps, you ensure that the Helm client can authenticate with the Kubernetes API server.
Installing Prometheus on MicroK8s
Once the TLS issue is resolved, you can proceed with the Prometheus installation.
Step 1: Add the Prometheus Helm Chart Repository
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
Step 2: Install Prometheus
helm install my-prom prometheus-community/prometheusExpected Output
If the installation is successful, you will see an output similar to this:
NAME: my-prom
LAST DEPLOYED: <date and time>
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The Prometheus server can be accessed via port 80 on the following DNS name from within your cluster:
my-prom-prometheus-server.default.svc.cluster.local
Get the Prometheus server URL by running these commands in the same shell:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=my-prom" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace default port-forward $POD_NAME 9090Step 3: Verify the Installation
Run the following command to check the Prometheus pods:
kubectl get pods --namespace defaultStep 4: Access Prometheus
Forward the Prometheus server port to access it in your local browser:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=my-prom" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace default port-forward $POD_NAME 9090
Visit http://localhost:9090 in your browser to access the Prometheus interface.
Conclusion
By following this guide, you have successfully installed Prometheus on MicroK8s and resolved TLS certificate issues. This setup allows you to monitor your Kubernetes cluster effectively. Prometheus provides a robust foundation for building advanced monitoring and alerting systems, helping you ensure your cluster’s health and performance.
