DEV.co
Open-Source Observability · kubernetes

kube-state-metrics

kube-state-metrics is a Kubernetes add-on that exposes cluster state as Prometheus-compatible metrics. It queries the Kubernetes API to generate metrics about deployments, pods, nodes, and other objects, making them available for monitoring and alerting systems.

Source: GitHub — github.com/kubernetes/kube-state-metrics
6.1k
GitHub stars
2.2k
Forks
Go
Primary language
Apache-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorykubernetes/kube-state-metrics
Ownerkubernetes
Primary languageGo
LicenseApache-2.0 — OSI-approved
Stars6.1k
Forks2.2k
Open issues109
Latest releasev2.19.1 (2026-06-12)
Last updated2026-07-06
Sourcehttps://github.com/kubernetes/kube-state-metrics

What kube-state-metrics is

Written in Go and part of the Kubernetes project, kube-state-metrics listens to the Kubernetes API server and exports raw, unmodified object state as Prometheus metrics on port 8080. It is designed for horizontal scaling via sharding, supports multiple architectures, and maintains compatibility with recent Kubernetes versions via client-go.

Quickstart

Get the kube-state-metrics source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/kubernetes/kube-state-metrics.gitcd kube-state-metrics# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Prometheus-based Kubernetes monitoring

Export cluster-level object state (Pod, Deployment, Node, StatefulSet, etc.) metrics to Prometheus for alerting and dashboarding without requiring custom scrapers.

Multi-cluster observability at scale

Use horizontal sharding and daemonset configurations to monitor large clusters efficiently, with support for filtering and latency optimization.

Compliance and audit monitoring

Track resource state changes, replica counts, and object lifecycle events to support auditing, quota enforcement, and cluster health assertions.

Implementation considerations

  • Plan RBAC policy to grant necessary LIST and WATCH permissions; consider using a separate ServiceAccount with minimal scope.
  • Estimate resource consumption: review scaling guide for CPU/memory and latency characteristics at cluster scale.
  • Configure horizontal sharding or daemonset topology if cluster exceeds ~100 nodes or if single-instance latency becomes a bottleneck.
  • Establish metric allow/deny lists to reduce cardinality and avoid overwhelming Prometheus, especially for label-heavy workloads.
  • Monitor kube-state-metrics' own metrics (list/watch success rates) to detect API permission or configuration issues early.

When to avoid it — and what to weigh

  • Need node-level resource metrics (CPU, memory) — kube-state-metrics focuses on object state, not kubelet metrics. Use metrics-server or node-exporter for node resource utilization.
  • Non-Prometheus metric consumption required — Metrics are exposed in Prometheus text format only. No support for other metric backends without a bridge/adapter.
  • Minimal RBAC permissions desired — kube-state-metrics requires broad read access to Kubernetes API resources. Cannot operate in highly restricted, zero-trust environments without significant LIST/WATCH permissions.
  • No appetite for operator maintenance — Requires careful scaling, sharding configuration, and RBAC tuning for production use; not a fully hands-off deployment.

License & commercial use

Apache License 2.0 (Apache-2.0). Permissive OSI-approved license allowing commercial use, modification, and redistribution with attribution and liability disclaimer.

Apache-2.0 explicitly permits commercial use, including in proprietary solutions. No license restrictions on commercial deployment, redistribution, or modification. Confirm your use aligns with Apache-2.0 terms; no commercial support or indemnification provided by the license itself.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityModerate
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

kube-state-metrics requires broad read permissions on Kubernetes API objects (LIST, WATCH). Network exposure is typically limited to in-cluster Prometheus scraping; consider network policies to restrict access. Project maintains govulncheck CI and OpenSSF badge; review RBAC policy and API object exposure in your threat model. Does not modify cluster state, reducing mutation attack surface.

Alternatives to consider

metrics-server

Provides node-level resource metrics (CPU, memory) from kubelet; complements rather than replaces kube-state-metrics. Use both for complete observability.

Prometheus Operator + custom exporters

Offers more granular control and custom metric generation; higher operational overhead but suited to non-standard metric needs.

Cloud provider native monitoring (e.g., AWS CloudWatch, GKE Monitoring)

Managed alternatives reduce operational burden; trade vendor lock-in for ease of use and deeper platform integration.

Software development agency

Build on kube-state-metrics with DEV.co software developers

kube-state-metrics bridges Kubernetes and Prometheus. Our DevOps team can help design RBAC, scaling, and cardinality strategies for your environment.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

kube-state-metrics FAQ

What is the difference between kube-state-metrics and metrics-server?
kube-state-metrics exposes Kubernetes object state (deployments, pods, replicas). metrics-server exposes kubelet resource metrics (CPU, memory). They are complementary; use both for complete cluster observability.
How do I reduce memory usage or latency?
Use allow/deny lists to filter metrics by namespace or resource type, configure horizontal sharding to distribute API load, or deploy daemonset topology for pod metrics only. Review the Scaling section in the README.
What RBAC permissions does kube-state-metrics need?
LIST and WATCH on core API groups (v1) and extension groups (apps, batch, etc.). See the official Helm chart for recommended ClusterRole; scope to namespaces if possible to reduce blast radius.
Is kube-state-metrics suitable for air-gapped or highly restricted environments?
It can be deployed offline (no outbound calls required), but the broad RBAC scope may conflict with zero-trust policies. Evaluate whether relaxing read permissions aligns with your security posture.

Custom software development services

From first prototype to production, DEV.co delivers software development services around tools like kube-state-metrics. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source observability and beyond.

Ready to add Prometheus-based cluster monitoring?

kube-state-metrics bridges Kubernetes and Prometheus. Our DevOps team can help design RBAC, scaling, and cardinality strategies for your environment.