federation using https targets

[Mike Michel]

hi,

we are running prom behind haproxy which is doing ssl termination. now i want to scrape them with federation.

    target_groups:

      - targets:

        - 'https://ha-prometheus.intern.example.io'

returns:

 is not a valid hostname  source=main.go:208

    target_groups:

      - targets:

        - 'ha-prometheus.intern.example.io:443'

returns:

server returned HTTP status 400 Bad Request

in the UI because haproxy answers (correct): "You're speaking plain HTTP to an SSL-enabled server port".

haproxy redirects http to https so tried:

    target_groups:

      - targets:

        - 'ha-prometheus.intern.example.io'

but now in UI: 

dial tcp: too many colons in address ha-prometheus.intern.example.io:80:443

solution?

cheers,

mike

[Julius Volz]

Have a look at http://prometheus.io/docs/operating/configuration/#scrape_config. Specifically, you'll want to set the "scheme" in your scrape config to "https". There's also an optional "tls_config" section that allows you to configure things like skipping TLS verification or loading CAs / certs from specific files, if needed.

--
You received this message because you are subscribed to the Google Groups "Prometheus Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-devel...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Mike Michel]

cool, works.

thx

[Mike Michel]

arrr, in live it's not working because of the host header set by prom. it adds the port to the hostname which haproxy does not like and answers with "503 Service Unavailable"

Host: ha-prometheus.intern.example.io:443

should be:

Host: ha-prometheus.intern.example.io

checking https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23 a port should be fine so it seems that sould be fixed in the haproxy.cfg