Bind node_exporter to listen only from a foreign ip

[Jim Daemon]

Hello is it possible to make node exporter to listen only from specific IP, that ip is not a local interface, it can be the ip of another server ex prometheus server. This would be usefull if you dont want everyone in the netowork to access the metrics just only prometheus server. Probably it is possible with reverse proxy but it requires a lot of work.

[Stuart Clark]

> requires a lot of work. --

It isn't, but you have a number of options.

As you mentioned you can use a reverse proxy, but you could also use
host firewalling (iptables). Also Node Exporter now supports TLS. As
part of that you can use client certificates, so while it doesn't
prevent other hosts from trying to access the exporter they would fail
to fetch any data.