跳转至

Prometheus Cloudwatch Exporter

An exporter for Amazon CloudWatch, for Prometheus.

This chart bootstraps a cloudwatch exporter deployment on a Kubernetes cluster using the Helm package manager.

Prerequisites

  • kube2iam installed to used the aws.role config option otherwise configure aws.aws_access_key_id and aws.aws_secret_access_key or aws.secret.name
  • Or an IAM Role for service account attached to a service account with an annotation. If you run the pod as nobody in securityContext.runAsUser then also set securityContext.fsGroup to the same value so it will be able to access to the mounted secret.

Get Repository Info

helm repo add prometheus-community https://helm-charts.itboon.top/prometheus-community
helm repo update

See helm repo for command documentation.

Install Chart

# Helm 3
$ helm install [RELEASE_NAME] prometheus-community/prometheus-cloudwatch-exporter

# Helm 2
$ helm install --name [RELEASE_NAME] prometheus-community/prometheus-cloudwatch-exporter

See Configuring below.

See helm install for command documentation.

Uninstall Chart

# Helm 3
$ helm uninstall [RELEASE_NAME]

# Helm 2
# helm delete --purge [RELEASE_NAME]

This removes all the Kubernetes components associated with the chart and deletes the release.

See helm uninstall for command documentation.

Upgrading Chart

# Helm 3 or 2
$ helm upgrade [RELEASE_NAME] [CHART] --install

See helm upgrade for command documentation.

Configuring

See Customizing the Chart Before Installing. To see all configurable options with detailed comments, visit the chart's values.yaml, or run these configuration commands:

# Helm 2
$ helm inspect values prometheus-community/prometheus-cloudwatch-exporter

# Helm 3
$ helm show values prometheus-community/prometheus-cloudwatch-exporter

AWS Credentials or Role

For Cloudwatch Exporter to operate properly, you must configure either AWS credentials or an AWS role with the correct policy.

  • To configure AWS credentials by value, set aws.aws_access_key_id to your [AWS_ACCESS_KEY_ID], and aws.aws_secret_access_key to [AWS_SECRET_ACCESS_KEY].
  • To configure AWS credentials by secret, you must store them in a secret (kubectl create secret generic [SECRET_NAME] --from-literal=access_key=[AWS_ACCESS_KEY_ID] --from-literal=secret_key=[AWS_SECRET_ACCESS_KEY]) and set aws.secret.name to [SECRET_NAME]
  • To configure an AWS role (with correct policy linked above), set aws.role to [ROLE_NAME]