From 6501366ff8f16926ed5b55b9f3ba6b1cf58ceec8 Mon Sep 17 00:00:00 2001
From: Frederic Branczyk <fbranczyk@gmail.com>
Date: Thu, 31 Dec 2020 15:05:18 +0100
Subject: [PATCH] blackbox-exporter: Add probe port to Service

---
 docs/blackbox-exporter.md                            |  6 +++---
 .../blackbox-exporter/blackbox-exporter.libsonnet    | 12 ++++++++++--
 manifests/blackbox-exporter-service.yaml             |  5 ++++-
 manifests/blackbox-exporter-serviceMonitor.yaml      |  2 +-
 4 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/docs/blackbox-exporter.md b/docs/blackbox-exporter.md
index 9136944d..624b9483 100644
--- a/docs/blackbox-exporter.md
+++ b/docs/blackbox-exporter.md
@@ -19,8 +19,8 @@ The `prometheus-operator` defines a `Probe` resource type that can be used to de
 * `_config.versions.configmapReloader`: the tag of the ConfigMap reloader image to deploy. Defaults to the version `kube-prometheus` was tested with.
 * `_config.resources.blackbox-exporter.requests`: the requested resources; this is used for each container. Defaults to `10m` CPU and `20Mi` RAM. See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for details.
 * `_config.resources.blackbox-exporter.limits`: the resource limits; this is used for each container. Defaults to `20m` CPU and `40Mi` RAM. See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for details.
-* `_config.blackboxExporter.port`: the exposed HTTPS port of the exporter. This is where Prometheus should send the probe requests. Defaults to `9115`.
-* `_config.blackboxExporter.internalPort`: the internal plaintext port of the exporter. Not accessible from outside the pod. Defaults to `19115`.
+* `_config.blackboxExporter.port`: the exposed HTTPS port of the exporter. This is what Prometheus can scrape for metrics related to the blackbox exporter itself. Defaults to `9115`.
+* `_config.blackboxExporter.internalPort`: the internal plaintext port of the exporter. Prometheus scrapes configured via `Probe` objects cannot access the HTTPS port right now, so you have to specify this port in the `url` field. Defaults to `19115`.
 * `_config.blackboxExporter.replicas`: the number of exporter replicas to be deployed. Defaults to `1`.
 * `_config.blackboxExporter.matchLabels`: map of the labels to be used to select resources belonging to the instance deployed. Defaults to `{ 'app.kubernetes.io/name': 'blackbox-exporter' }`
 * `_config.blackboxExporter.assignLabels`: map of the labels applied to components of the instance deployed. Defaults to all the labels included in the `matchLabels` option, and additionally `app.kubernetes.io/version` is set to the version of the blackbox exporter.
@@ -73,7 +73,7 @@ spec:
   interval: 60s
   module: http_2xx
   prober:
-    url: blackbox-exporter.monitoring.svc.cluster.local:9115
+    url: blackbox-exporter.monitoring.svc.cluster.local:19115
   targets:
     staticConfig:
       static:
diff --git a/jsonnet/kube-prometheus/blackbox-exporter/blackbox-exporter.libsonnet b/jsonnet/kube-prometheus/blackbox-exporter/blackbox-exporter.libsonnet
index 8bd08e12..93fc3066 100644
--- a/jsonnet/kube-prometheus/blackbox-exporter/blackbox-exporter.libsonnet
+++ b/jsonnet/kube-prometheus/blackbox-exporter/blackbox-exporter.libsonnet
@@ -228,7 +228,15 @@ local kubeRbacProxyContainer = import '../kube-rbac-proxy/container.libsonnet';
           labels: bb.assignLabels,
         },
         spec: {
-          ports: [{ name: 'http', port: bb.port, targetPort: 'https' }],
+          ports: [{
+            name: 'https',
+            port: bb.port,
+            targetPort: 'https',
+          }, {
+            name: 'probe',
+            port: bb.internalPort,
+            targetPort: 'http',
+          }],
           selector: bb.matchLabels,
         },
       },
@@ -247,7 +255,7 @@ local kubeRbacProxyContainer = import '../kube-rbac-proxy/container.libsonnet';
               bearerTokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token',
               interval: '30s',
               path: '/metrics',
-              port: 'http',
+              port: 'https',
               scheme: 'https',
               tlsConfig: {
                 insecureSkipVerify: true,
diff --git a/manifests/blackbox-exporter-service.yaml b/manifests/blackbox-exporter-service.yaml
index 587fff2b..5a693e2b 100644
--- a/manifests/blackbox-exporter-service.yaml
+++ b/manifests/blackbox-exporter-service.yaml
@@ -8,8 +8,11 @@ metadata:
   namespace: monitoring
 spec:
   ports:
-  - name: http
+  - name: https
     port: 9115
     targetPort: https
+  - name: probe
+    port: 19115
+    targetPort: http
   selector:
     app.kubernetes.io/name: blackbox-exporter
diff --git a/manifests/blackbox-exporter-serviceMonitor.yaml b/manifests/blackbox-exporter-serviceMonitor.yaml
index 81eec23d..b4b78091 100644
--- a/manifests/blackbox-exporter-serviceMonitor.yaml
+++ b/manifests/blackbox-exporter-serviceMonitor.yaml
@@ -11,7 +11,7 @@ spec:
   - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
     interval: 30s
     path: /metrics
-    port: http
+    port: https
     scheme: https
     tlsConfig:
       insecureSkipVerify: true
-- 
GitLab