Prometheus targets： server returned HTTP status 403 Forbidden

Question

I have setup prometheus, running in my kubernetes cluster , And I configured the certificate of kubernetes in the configuration file of Prometheus, but for some targets I am getting back a "server returned HTTP status 403 Forbidden". this is part of my config:

- job_name: 'kubernetes-apiservers'
    kubernetes_sd_configs:
    - role: endpoints

    scheme: https

    tls_config:
      ca_file: /etc/k8spem/ca.pem
      cert_file: /etc/k8spem/admin.pem
      key_file: /etc/k8spem/admin.key

    bearer_token_file: /etc/k8spem//token

    relabel_configs:
    - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
      action: keep
      regex: default;kubernetes;https

I have already configured the certificate, why still 403 ?
by the way, I can get results on CLI by executing this command curl -k --cacert /work/deploy/kubernetes/security/ca.pem --cert /work/deploy/kubernetes/security/admin.pem --key /work/deploy/kubernetes/security/admin.key --cert-type PEM https://172.16.5.150:6443/metrics

Answer 1

I don't know why, I just mount a new directory, delete the old configMap and recreate it. And it' work. I think maybe i just forgot to reapply the configMap.