Skip to content

Enhance collected shoot apiserver metrics #12716

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 14, 2025
Merged

Enhance collected shoot apiserver metrics #12716

merged 1 commit into from
Aug 14, 2025
+2 −1

Conversation

chrkl
Copy link
Member

@chrkl chrkl commented Aug 12, 2025
edited by ialidzhikov
Loading

How to categorize this PR?

/area monitoring
/kind enhancement

What this PR does / why we need it:

Collect apiserver_validating_admission_policy_check_total by shoot Prometheus to allow shoot owners to monitor their admission policies.

The metric is recommended to monitor the Validating Admission Policy, which has been graduated to GA with Kubernetes 1.30. See https://kubernetes.io/blog/2024/04/24/validating-admission-policy-ga/#set-up-monitoring

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:
/cc @istvanballok @vicwicker
Release note:

Collect `apiserver_validating_admission_policy_check_total` metric by shoot Prometheus.

@chrkl
Enhance collected shoot apiserver metrics
0a69c27 
Collect apiserver_validating_admission_policy_check_total by shoot
Prometheus to allow shoot owners to monitor their admission policies.
@gardener-prow gardener-prow bot added area/monitoring Monitoring (including availability monitoring and alerting) related kind/enhancement Enhancement, improvement, extension cla: yes Indicates the PR's author has signed the cla-assistant.io CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Aug 12, 2025
istvanballok
istvanballok approved these changes Aug 12, 2025
View reviewed changes
Copy link
Member

@istvanballok istvanballok left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-prow gardener-prow bot added the lgtm Indicates that a PR is ready to be merged. label Aug 12, 2025
@gardener-prow Gardener Prow
Copy link
Contributor

gardener-prow bot commented Aug 12, 2025

LGTM label has been added.

Git tree hash: 96351aa0e67e14ec26b5e87757472cf97e3ebab4

@chrkl
Copy link
Member Author

chrkl commented Aug 14, 2025

/assign @tobschli

tobschli
tobschli reviewed Aug 14, 2025
View reviewed changes
Copy link
Member

@tobschli tobschli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you very much! 😊
In the docs there is als apiserver_validating_admission_policy_check_duration_seconds_bucket mentioned.
When I tried out this PR, I could not see this metric.
Do we collect it? Do we want to collect it?

Otherwise I don't see anything not to merge this
/lgtm

@chrkl
Copy link
Member Author

chrkl commented Aug 14, 2025

Thank you very much! 😊 In the docs there is als apiserver_validating_admission_policy_check_duration_seconds_bucket mentioned. When I tried out this PR, I could not see this metric. Do we collect it? Do we want to collect it?

The main purpose of this PR is to allow shoot owners to federate the whitelisted metric to their own monitoring stack. As long as we do not visualize this in our dashboards, I would not collect a (possibly large) histogram metric and keep this change minimal.

@tobschli
Copy link
Member

All right!
Thank you for the explanation 😊
/approve

@gardener-prow Gardener Prow
Copy link
Contributor

gardener-prow bot commented Aug 14, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: istvanballok, tobschli

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@gardener-prow gardener-prow bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 14, 2025
@gardener-prow gardener-prow bot merged commit 893dd2d into gardener:master Aug 14, 2025
19 checks passed
@chrkl chrkl deleted the allow-admission-policy-check branch August 14, 2025 14:34
Duciwuci pushed a commit to stackitcloud/gardener that referenced this pull request Sep 1, 2025
@chrkl @Duciwuci
Enhance collected shoot apiserver metrics (gardener#12716)
ce4fe8d 
Collect apiserver_validating_admission_policy_check_total by shoot
Prometheus to allow shoot owners to monitor their admission policies.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tobschli tobschli tobschli left review comments

@vicwicker vicwicker Awaiting requested review from vicwicker

+1 more reviewer

@istvanballok istvanballok istvanballok approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@istvanballok istvanballok

@tobschli tobschli

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/monitoring Monitoring (including availability monitoring and alerting) related cla: yes Indicates the PR's author has signed the cla-assistant.io CLA. kind/enhancement Enhancement, improvement, extension lgtm Indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chrkl @tobschli @istvanballok