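---
# ADOT collector configuration: one Prometheus scrape job for annotated
# Service endpoints, exported through awsprometheusremotewrite and the
# logging exporter.
apiVersion: v1
kind: ConfigMap
metadata:
  name: adot-collector-conf
  namespace: prometheus
  labels:
    app: aws-adot
    component: adot-collector-conf
data:
  adot-collector-config: |
    receivers:
      prometheus:
        config:
          global:
            scrape_interval: 15s
            scrape_timeout: 10s
          scrape_configs:
            - job_name: 'kubernetes-service-endpoints'
              kubernetes_sd_configs:
                - role: endpoints
              tls_config:
                ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
                # Certificate verification stays on: skipping it would make
                # ca_file meaningless and allow the bearer token below to be
                # sent to an unauthenticated peer.
                insecure_skip_verify: false
              # NOTE(review): this token is attached to every scrape request,
              # and no `scheme` is set, so targets are scraped over plain HTTP
              # (the Prometheus default). Any endpoint behind a Service that
              # carries the `scrape` annotation receives the token; keep the
              # bound ClusterRole minimal and restrict who may annotate
              # Services. Drop this line if no target requires authentication.
              bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
              relabel_configs:
                - source_labels: [__meta_kubernetes_service_annotation_scrape]
                  action: keep
                  # Quoted so the regex is a string, not a YAML boolean.
                  regex: 'true'
    exporters:
      awsprometheusremotewrite:
        # replace this with your endpoint
        endpoint: ""
        # replace this with your region
        aws_auth:
          region: ""
          service: "aps"
        namespace: "adot"
      logging:
        # NOTE(review): debug level is verbose and the collected metrics and
        # their labels may end up in the pod log; lower it outside of
        # troubleshooting.
        loglevel: debug
    extensions:
      health_check:
      # pprof and zpages are unauthenticated debug endpoints. They are bound
      # to loopback so they are not reachable on the pod IP; use
      # `kubectl port-forward` when they are needed.
      pprof:
        endpoint: "localhost:1888"
      zpages:
        endpoint: "localhost:55679"
    service:
      extensions: [pprof, zpages, health_check]
      pipelines:
        metrics:
          receivers: [prometheus]
          exporters: [logging, awsprometheusremotewrite]
---
# create adot-col service account and role binding
apiVersion: v1
kind: ServiceAccount
metadata:
  name: amp-iamproxy-service-account
  namespace: prometheus
  annotations:
    # NOTE(review): the account-ID field of this ARN is empty; fill in your
    # AWS account ID before applying.
    eks.amazonaws.com/role-arn: arn:aws:iam:::role/amp-iamproxy-ingest-role
---
# Read-only discovery permissions for the collector (despite the "admin"
# in the name, only get/list/watch are granted).
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: adotcol-admin-role
rules:
  - apiGroups: [""]
    # nodes/proxy is intentionally not granted: the only scrape job in the
    # collector config uses `role: endpoints`, and this service account's
    # token is presented to scraped targets. Add it back only if a job
    # scrapes kubelets through the API-server proxy.
    resources:
      - nodes
      - services
      - endpoints
      - pods
    verbs: ["get", "list", "watch"]
  - apiGroups:
      - extensions
    resources:
      - ingresses
    verbs: ["get", "list", "watch"]
  - nonResourceURLs: ["/metrics"]
    verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: adotcol-admin-role-binding
subjects:
  - kind: ServiceAccount
    name: amp-iamproxy-service-account
    namespace: prometheus
roleRef:
  kind: ClusterRole
  name: adotcol-admin-role
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
  name: adot-collector
  namespace: prometheus
  labels:
    app: aws-adot
    component: adot-collector
spec:
  ports:
    - name: metrics  # Default endpoint for querying metrics.
      port: 8888
  selector:
    component: adot-collector
  # NOTE(review): NodePort opens this port on every node address. If the
  # metrics are only consumed inside the cluster, ClusterIP is sufficient;
  # otherwise restrict access with network policy or security groups.
  type: NodePort
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: adot-collector
  namespace: prometheus
  labels:
    app: aws-adot
    component: adot-collector
spec:
  selector:
    matchLabels:
      app: aws-adot
      component: adot-collector
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: aws-adot
        component: adot-collector
    spec:
      serviceAccountName: amp-iamproxy-service-account
      containers:
        - command:
            - "/awscollector"
            - "--config=/conf/adot-collector-config.yaml"
          # NOTE(review): the image is referenced by tag; pin it by digest
          # once the digest has been verified for your registry.
          image: public.ecr.aws/aws-observability/aws-otel-collector:v0.17.1
          name: adot-collector
          # The collector only listens on unprivileged ports (8888, 13133,
          # 1888, 55679), so it needs neither extra capabilities nor
          # privilege escalation.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
          resources:
            limits:
              cpu: 1
              memory: 2Gi
            requests:
              cpu: 200m
              memory: 400Mi
          ports:
            - containerPort: 8888  # Default endpoint for querying metrics.
          volumeMounts:
            - name: adot-collector-config-vol
              mountPath: /conf
          livenessProbe:
            httpGet:
              path: /
              port: 13133  # Health Check extension default port.
          readinessProbe:
            httpGet:
              path: /
              port: 13133  # Health Check extension default port.
      volumes:
        - configMap:
            name: adot-collector-conf
            items:
              - key: adot-collector-config
                path: adot-collector-config.yaml
          name: adot-collector-config-vol
---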