Support for HTTPS in JMX exporter
77 views
Skip to first unread message
aravind ravi
Feb 2, 2021, 6:02:21 AM2/2/21
to Prometheus Users
JMX jar version : 0.14.0
JMX conf file (driver_pattern.yaml) :
ssl: true
lowercaseOutputName: true
attrNameSnakeCase: true
rules:
- pattern: "metrics<name=(.*)\\.driver\\.(.*)\\.(.*)\\.(.*)><>(.*)"
name: spark_driver_rag_$2_$3_$4
labels:
app_id: "$1"
Java agent started using below parameters:
-Djava.util.logging.config.file=/mnt/jmx-logging/logging.properties
-Djavax.net.ssl.keyStore=/opt/cspk/ssl/tls-secret/keystore.jks
-Djavax.net.ssl.keyStorePassword=demo
-Djavax.net.ssl.trustStore=/etc/pki/ca-trust/extracted/java/cacerts
-Djavax.net.ssl.trustStorePassword=demo
Expected result : Access for jmx endpoint in https mode.
Actual result : jmx metrics are exposed only in http mode. Unable to access in https mode.
aravind ravi
Feb 9, 2021, 8:39:48 AM2/9/21
to Prometheus Users
Please help me on bring up jmx exporter in https endpoint ...
--
You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/88abfed5-f5c1-4d80-8ee4-ec0f64798542n%40googlegroups.com.
Daniel Lacher
Jun 1, 2021, 1:21:50 PM6/1/21
to Prometheus Users
Apparently, you can't do that without a reverse proxy in front of your java node: https://github.com/prometheus/jmx_exporter/issues/442
Connecting with SSL doesn't mean protecting the /metrics endpoint in this case: https://groups.google.com/g/prometheus-developers/c/ltI-gB0seVs
Reply all
Reply to author
Forward
0 new messages