diff --git a/install-and-configure/install/provider-installations/openshift-kubecost-install.md b/install-and-configure/install/provider-installations/openshift-kubecost-install.md index f181ba3be..ce7fe24d0 100644 --- a/install-and-configure/install/provider-installations/openshift-kubecost-install.md +++ b/install-and-configure/install/provider-installations/openshift-kubecost-install.md @@ -17,7 +17,7 @@ More details and instructions on both deployment options are covered in the sect A standard deployment of Kubecost to OpenShift is no different from deployments to other platforms with the exception of additional settings which may be required to successfully deploy to OpenShift. -Kubecost is installed with Cost Analyzer and Prometheus as a time-series database. Data is gathered by the Prometheus instance bundled with Kubecost. Kubecost then pushes and queries metrics to and from Prometheus. +Kubecost is installed with Cost Analyzer and Prometheus as a time-series database. Data is gathered by the Prometheus instance. Kubecost then pushes and queries metrics to and from Prometheus. The standard deployment is illustrated in the following diagram. @@ -60,6 +60,41 @@ If you have not opted to do so during installation, it may be necessary to creat After installation, wait for all pods to be ready. Kubecost will begin collecting data and may take up to 15 minutes for the UI to reflect the resources in the local cluster. +### Using in-cluster Prometheus + +Kubecost can now be installed without the bundled Prometheus and using the in-cluster Prometheus of OpenShift. This method requires some additional setup steps but allows for better integration with existing OpenShift monitoring infrastructure without the need to create an additional prometheus instance. + +1. First, add the following label to the namespace where Kubecost will be deployed: + +```sh +oc label namespace kubecost openshift.io/cluster-monitoring=true +``` + +2. Install Kubecost with the following command: + +```sh +helm upgrade --install kubecost kubecost/cost-analyzer -n kubecost --create-namespace \ +-f https://raw.githubusercontent.com/kubecost/cost-analyzer-helm-chart/develop/cost-analyzer/values-openshift.yaml \ +--set global.prometheus.enabled=false \ +--set global.prometheus.kubeRBACProxy=true \ +--set global.platforms.openshift.createMonitoringClusterRoleBinding=true \ +--set global.platforms.openshift.createMonitoringResourceReaderRoleBinding=true \ +--set global.platforms.openshift.monitoringServiceAccountName=prometheus-k8s \ +--set serviceMonitor.enabled=true +``` + + +#### Configuration details + +- `serviceMonitor.enabled=true`: Creates a ServiceMonitor for the Kubecost cost-analyzer service's `/metrics` endpoint in the in-cluster Prometheus. +- `platforms.openshift.createMonitoringClusterRoleBinding=true`: Attaches the `operator-monitoring-view` cluster role to the Kubecost service account, granting necessary permissions to query Prometheus. +- `prometheus.kubeRBACProxy=true`: Enables Kubecost to use the service account token and `service-ca.crt` when querying in-cluster Prometheus. +- `platforms.openshift.createMonitoringResourceReaderRoleBinding=true`: Creates the required role and role binding for the in-cluster Prometheus to have the necessary permissions to scrape Kubecost metrics. +- `platforms.openshift.monitoringServiceAccountName=prometheus-k8s`: Specifies the service account used by the in-cluster Prometheus that needs the specific permissions to scrape Kubecost metrics. + +After installation, wait for all pods to be ready. Kubecost will begin collecting data and may take up to 15 minutes for the UI to reflect the resources in the local cluster. + + ## Community operator deployment guide ### Overview