[Proposal] Allow ec2_sd_config to use the proxy_url (or similar) YAML value

[wbhe...@gmail.com]

Hi all,

From what I gather, the service discovery mechanisms do not utilize the proxy_url YAML value, but instead that value is only used when it is actually time to scrape (judging based on this code). PR #2027 was closed after discovering that the AWS config uses Go's default http.Client, which gives it the ability to take HTTP_PROXY and other related environment variables as part of its configuration. However, I still think that a feature that allows a proxy to be specified as part of the EC2 service discovery config would be useful, specifically for the use case that I'll describe below.

I've got a not-so-fun use-case that I am trying to fill. Our Prometheus environment is currently set up such that it has no direct external internet access. This is typically fine since we have tunnels set up to our cloud providers so Prometheus can still get to targets in AWS, for example, without the need of a proxy. However, in order to hit the EC2 API, I need to go through our Squid proxy. I am able to do that just fine with the HTTP_PROXY environment variable. However, the internal IP address that gets discovered is not able to be reached through the Squid proxy by design (it doesn't proxy internal-to-internal traffic).

Since it's getting IPs, I cannot just set NO_PROXY since the IPs being returned will change as instances are created/removed and having to manually specify the IPs sort of defeats the purpose of service discovery. So, I've run into the issue of needing to be able to use a proxy to hit the EC2 API, but need to NOT use the proxy in order to scrape the desired endpoints.

I do not mind doing the work to implement this, but I wanted to throw this out there as a proposal before committing too much time to it. What are your thoughts?

Thanks,

Will Hegedus