Werk #18571: Modified handling of kubelet service in restricted environments

Component Checks & agents
Title Modified handling of kubelet service in restricted environments
Date Aug 11, 2025
Level Trivial Change
Class New Feature
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
2.5.0b1
Not yet released
Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
2.4.0p10 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)

In environments where node proxy permissions are restricted (such as GKE), the information of the kubelet health endpoint is not accessible. Previously, this would result in kubelet services being created that would remain in a permanent CRITICAL state. These services provided no useful monitoring information to administrators. With this werk, the kubelet service is no longer created in environments with restricted node proxy permissions. This change applies specifically when the status code returned is equal to 403.

Persistent Volume Claim monitoring relies on kubelet endpoints for volume usage metrics. In environments with restricted node proxy permissions, PVC services may be unavailable. Alternatively, these PVC services may provide incomplete monitoring data.

To the list of all Werks