Prometheus / Grafana deployed via docker-compose

docker monitoring prometheus grafana

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Grégory Lebreton 6c6bef9cff Mise à jour de 'README.md'		1 year ago
config	ajout branche node-exporter with TLS	1 year ago
README.md	Mise à jour de 'README.md'	1 year ago
docker-compose.yml	Mise à jour de 'docker-compose.yml'	1 year ago

README.md

PROMETHEUS & GRAFANA

NODE EXPORTER TLS

Cette branche à pour but de déployer un conteneur node exporter afin d'exposer les metrics du serveur (afin que prometheus puisse les récupérer). Les metrics transférées sont cryptées via TLS.

NODE EXPORTER HOST

Create certs:

openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -keyout gn-prod.key -out gn-prod.crt -subj "/C=FR/ST=PARIS/L=GarageNum/O=prom/CN=legaragenumerique.fr" -addext "subjectAltName = DNS:gnprod"

remplacer Les infos (C=FR, ST=PARIS, L=GarageNum, ...)

Create password:

htpasswd -nBC 10 "" | tr -d ':\n'; echo

Node exporter web.yml (/etc/node-exporter/web.yml):

tls_server_config:
  cert_file: gn-prod.crt
  key_file: gn-prod.key
basic_auth_users:
  prometheus: <the-output-value-of-htpasswd>

Copy certs to prometheus host

PROMETHEUS HOST

Config prometheus.yml (/etc/prometheus/prometheus.yml):

scrape_configs:
  - job_name: 'node-exporter-tls'
    scheme: https
    basic_auth:
      username: prometheus
      password: <the-plain-text-password>
    tls_config:
      ca_file: gn-prod.crt
      insecure_skip_verify: true
    static_configs:
    - targets: ['node-exporter-ip:9100']
      labels:
        instance: friendly-instance-name

le scraping des metrics du serveur distant se font désormais via TLS