missing TLSCertPath

[SH]

Hey all,

I am trying to enable TLS encryption for the node_exporter in my machines. When I am trying to start node_explorer with the --web.config flag I am running to 

level=error ts=2020-06-02T12:43:38.957Z caller=node_exporter.go:193 err="missing TLSCertPath"

My web-config.yml looks like:

tls_config:

 # Certificate and key files for server to use to authenticate to client

 cert_file: /root/data/cert/live/folder/fullchain.pem

 key_file:  /root/data/cert/live/folder/privkey.pem

entering 

systemctl status node_exporter

shows me that node_exporter is running correctly:

● node_exporter.service - Node Exporter

  Loaded: loaded (/etc/systemd/system/node_exporter.service; enabled; vendor preset: enabled)

  Active: active (running) since Tue 2020-06-02 12:34:07 UTC; 15min ago

Main PID: 10871 (node_exporter)

  CGroup: /system.slice/node_exporter.service

          └─10871 /usr/local/bin/node_exporter

I am thankful for any advices since I can't figure out what the problem is. Any clues maybe?


Friendly regards

[Ben Kochie]

If your config file example is accurate, you are missing the required yaml indentation.

--
You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/037f6dd9-3071-47ed-b5a6-43e7807ec958%40googlegroups.com.

[Julien Pivotto]

On 02 Jun 05:51, SH wrote:
> Hey all,
>
> I am trying to enable TLS encryption for the node_exporter in my machines.
> When I am trying to start node_explorer with the --web.config flag I am
> running to
>
> level=error ts=2020-06-02T12:43:38.957Z caller=node_exporter.go:193 err="missing
> TLSCertPath"
>
> My web-config.yml looks like:
>
> tls_config:

Which version of the exporter are you using?

tls_server_config is required in 1.0.0.

>
> # Certificate and key files for server to use to authenticate to client
>
> cert_file: /root/data/cert/live/folder/fullchain.pem
>
> key_file: /root/data/cert/live/folder/privkey.pem
>
> entering
> systemctl status node_exporter
>
> shows me that node_exporter is running correctly:
>

> *●* node_exporter.service - Node Exporter

>
> Loaded: loaded (/etc/systemd/system/node_exporter.service; enabled;
> vendor preset: enabled)
>

> Active: *active (running)* since Tue 2020-06-02 12:34:07 UTC; 15min ago

>
> Main PID: 10871 (node_exporter)
>
> CGroup: /system.slice/node_exporter.service
>
> └─10871 /usr/local/bin/node_exporter
>
> I am thankful for any advices since I can't figure out what the problem is.
> Any clues maybe?
>
>
> Friendly regards
>

> --
> You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/037f6dd9-3071-47ed-b5a6-43e7807ec958%40googlegroups.com.

--
Julien Pivotto
@roidelapluie

[Julien Pivotto]

On 02 Jun 14:58, Ben Kochie wrote:
> If your config file example is accurate, you are missing the required yaml
> indentation.

The issue here is that it is a mix betweem rc-0 and rc-1 code. Note that
rc-0 did not unmarshal yaml striclty.

>
> On Tue, Jun 2, 2020 at 2:51 PM SH <samir.ha...@gmail.com> wrote:
>
> > Hey all,
> >
> > I am trying to enable TLS encryption for the node_exporter in my machines.
> > When I am trying to start node_explorer with the --web.config flag I am
> > running to
> >
> > level=error ts=2020-06-02T12:43:38.957Z caller=node_exporter.go:193 err="missing
> > TLSCertPath"
> >
> > My web-config.yml looks like:
> >
> > tls_config:
> >
> > # Certificate and key files for server to use to authenticate to client
> >
> > cert_file: /root/data/cert/live/folder/fullchain.pem
> >
> > key_file: /root/data/cert/live/folder/privkey.pem
> >
> > entering
> > systemctl status node_exporter
> >
> > shows me that node_exporter is running correctly:
> >

> > *●* node_exporter.service - Node Exporter

> >
> > Loaded: loaded (/etc/systemd/system/node_exporter.service; enabled;
> > vendor preset: enabled)
> >

> > Active: *active (running)* since Tue 2020-06-02 12:34:07 UTC; 15min ago

> >
> > Main PID: 10871 (node_exporter)
> >
> > CGroup: /system.slice/node_exporter.service
> >
> > └─10871 /usr/local/bin/node_exporter
> >
> > I am thankful for any advices since I can't figure out what the problem
> > is. Any clues maybe?
> >
> >
> > Friendly regards
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Prometheus Users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to prometheus-use...@googlegroups.com.
> > To view this discussion on the web visit
> > https://groups.google.com/d/msgid/prometheus-users/037f6dd9-3071-47ed-b5a6-43e7807ec958%40googlegroups.com

> > <https://groups.google.com/d/msgid/prometheus-users/037f6dd9-3071-47ed-b5a6-43e7807ec958%40googlegroups.com?utm_medium=email&utm_source=footer>
> > .

> >
>
> --
> You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.

> To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/CABbyFmp6%3Df31oKLiP110XKUBEYLAEAF2AnwbbKn4jVe5dQhTZw%40mail.gmail.com.

--
Julien Pivotto
@roidelapluie

[SH]

Hey, thanks for your fast response. What do you mean by required yaml indentation? Can you please specify your point? I am realy new to this topic...

friendly regards

Am Dienstag, 2. Juni 2020 14:59:14 UTC+2 schrieb Ben Kochie:

If your config file example is accurate, you are missing the required yaml indentation.

On Tue, Jun 2, 2020 at 2:51 PM SH <samir.h...@gmail.com> wrote:

Hey all,

I am trying to enable TLS encryption for the node_exporter in my machines. When I am trying to start node_explorer with the --web.config flag I am running to 

level=error ts=2020-06-02T12:43:38.957Z caller=node_exporter.go:193 err="missing TLSCertPath"

My web-config.yml looks like:

tls_config:

 # Certificate and key files for server to use to authenticate to client

 cert_file: /root/data/cert/live/folder/fullchain.pem

 key_file:  /root/data/cert/live/folder/privkey.pem

entering 

systemctl status node_exporter

shows me that node_exporter is running correctly:

● node_exporter.service - Node Exporter

  Loaded: loaded (/etc/systemd/system/node_exporter.service; enabled; vendor preset: enabled)

  Active: active (running) since Tue 2020-06-02 12:34:07 UTC; 15min ago

Main PID: 10871 (node_exporter)

  CGroup: /system.slice/node_exporter.service

          └─10871 /usr/local/bin/node_exporter

I am thankful for any advices since I can't figure out what the problem is. Any clues maybe?


Friendly regards

--
You received this message because you are subscribed to the Google Groups "Prometheus Users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to promethe...@googlegroups.com.

[SH]

Hello, yes i am using 1.0.0. Do I need to upgrade the version to make that working?

Friendly regards

> To unsubscribe from this group and stop receiving emails from it, send an email to promethe...@googlegroups.com.

[SH]

Hello, thanks for your fast response. What do you suggest? Upgrade the version?

> > email to promethe...@googlegroups.com.

> > To view this discussion on the web visit
> > https://groups.google.com/d/msgid/prometheus-users/037f6dd9-3071-47ed-b5a6-43e7807ec958%40googlegroups.com
> > <https://groups.google.com/d/msgid/prometheus-users/037f6dd9-3071-47ed-b5a6-43e7807ec958%40googlegroups.com?utm_medium=email&utm_source=footer>
> > .
> >
>
> --
> You received this message because you are subscribed to the Google Groups "Prometheus Users" group.

> To unsubscribe from this group and stop receiving emails from it, send an email to promethe...@googlegroups.com.

[Julien Pivotto]

Your error message does not come from 1.0.0 I think but from one of the release candidates.

Can you update to 1.0.0? Also, you should use tls_server_config, not tls_config:

tls_server_config:
  cert_file: node_exporter.crt
  key_file: node_exporter.key

To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/3a62f346-609d-47cf-afac-78ffc3921559%40googlegroups.com.

[SH]

Everything works now. Thanks a lot for your help. You are my hero :D

Am Donnerstag, 4. Juni 2020 09:19:32 UTC+2 schrieb Julien Pivotto:

Your error message does not come from 1.0.0 I think but from one of the release candidates.

Can you update to 1.0.0? Also, you should use tls_server_config, not tls_config:

tls_server_config:
  cert_file: node_exporter.crt
  key_file: node_exporter.key

To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/3a62f346-609d-47cf-afac-78ffc3921559%40googlegroups.com.

[SH]

oh, basic auth isn't supported my prometheus. They recommend using reverse proxy. Does that mean I need drop that whole config?

[Julien Pivotto]

What do you mean?

To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/28f31199-425b-480b-91b4-caa948d11638%40googlegroups.com.