VinTekh
All sources
Integration

Kubernetes / OpenTelemetry

Connect a single cluster via the API server. Namespaces appear as accounts; pods, services, ingresses, deployments, and network policies appear as resources. EKS, GKE, AKS, kops, kubeadm — anything that speaks the standard API.

Connect with service-account token

Auth mode: BearerToken (Phase 1) · IRSA / Workload Identity in Phase 2

How you'll see this cluster in the list.

kubectl cluster-info → 'Kubernetes control plane is running at …'

kubectl -n kube-system create token vintekh-reader (or read from the SA secret)

kubectl config view --raw -o jsonpath='{.clusters[0].cluster.certificate-authority-data}' | base64 -d. Leave blank to skip TLS verify (not recommended).

Read-only RBAC required. VinTekh imports no write SDK clients.

RBAC bootstrap

Apply once to grant read-only access

apiVersion: v1
kind: ServiceAccount
metadata:
  name: vintekh-reader
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: vintekh-reader
rules:
- apiGroups: [""]
  resources: [namespaces, pods, services, persistentvolumeclaims]
  verbs:     [get, list, watch]
- apiGroups: [apps]
  resources: [deployments, statefulsets, daemonsets]
  verbs:     [get, list, watch]
- apiGroups: [networking.k8s.io]
  resources: [ingresses, networkpolicies]
  verbs:     [get, list, watch]
- apiGroups: [batch]
  resources: [cronjobs, jobs]
  verbs:     [get, list, watch]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: vintekh-reader
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind:     ClusterRole
  name:     vintekh-reader
subjects:
- kind: ServiceAccount
  name: vintekh-reader
  namespace: kube-system

Then: kubectl -n kube-system create token vintekh-reader

RBAC docs