Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reload kube-state-metrics when kubeconfig changes. #2120

Closed
valayDave opened this issue Jul 20, 2023 · 4 comments · Fixed by #2144
Closed

Reload kube-state-metrics when kubeconfig changes. #2120

valayDave opened this issue Jul 20, 2023 · 4 comments · Fixed by #2144
Assignees
@dgrisonnet
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@valayDave
Copy link

valayDave commented Jul 20, 2023
edited
Loading

What would you like to be added:
The kube-state-metrics server takes the --kubeconfig argument. This argument allows passing a path to the kube-config file. When the kubeconfig file changes, the server doesn't automatically reload and we need to reload the server manually (or with hacky reload logic which we have to maintain downstream). If there were a way for the server to listen to a change in the kube-config file, then we wouldn't have to write any custom reload logic.

Why is this needed:
As good security measure, kubeconfig files should be short-lived and renewed periodically. Since kube-state-metrics takes a custom configuration file options, it would be really great if kube-state-metrics updates when the kube-config file changes.

Describe the solution you'd like
I have noticed that KSM already has a watcher for the --config file option (where it is trying to listen to the change in the file), Can a similar pattern be implemented for a --kubeconfig option ?

Additional context
@valayDave valayDave added the kind/feature Categorizes issue or PR as related to a new feature. label Jul 20, 2023
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Jul 20, 2023
@dashpole
Copy link
Contributor

Might need change in k8s client go
/assign @dgrisonnet
/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jul 27, 2023
@dgrisonnet
Copy link
Member

Sounds like something that could be beneficial to the project. I looked again in client-go and couldn't find any existing helper that we could reuse, so we will have to implement the watcher ourselves.

/help

@k8s-ci-robot
Copy link
Contributor

@dgrisonnet:
This request has been marked as needing help from a contributor.

Guidelines

Please ensure that the issue body includes answers to the following questions:

  • Why are we solving this issue?
  • To address this issue, are there any code changes? If there are code changes, what needs to be done in the code and what places can the assignee treat as reference points?
  • Does this issue have zero to low barrier of entry?
  • How can the assignee reach out to you for help?

For more details on the requirements of such an issue, please see here and ensure that they are met.

If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help command.

In response to this:

Sounds like something that could be beneficial to the project. I looked again in client-go and couldn't find any existing helper that we could reuse, so we will have to implement the watcher ourselves.

/help

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. label Jul 28, 2023
@opeco17 opeco17 mentioned this issue Aug 13, 2023
Merged
@opeco17
Copy link
Contributor

opeco17 commented Aug 14, 2023

I created PR (#2144) to implement the feature.
I'm using the same logic as the hot reload of --config .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dgrisonnet dgrisonnet

Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: hot reload kubeconfig opeco17/kube-state-metrics
5 participants
@dashpole @valayDave @k8s-ci-robot @dgrisonnet @opeco17