Using client certificates in Prometheus
49 views
Skip to first unread message
Gokulasuriyan R.K
Aug 25, 2021, 7:58:10 AM8/25/21
to Prometheus Users
Hi,
I am using prometheus to monitor my microservice. I would like to Instruct Prometheus to do as follow:
- API call to '/login' get the Bearer token using a client certificate (.cert and .key files).
- Add the Bearer token as the 'Authorization' as a header in all API call
My config file:
global:
scrape_interval: 1m
scrape_timeout: 30s
external_labels:
monitor: 'test_system'
scrape_configs:
- job_name: 'DT30'
scheme: https
tls_config:
ca_file: valid_ca_file
cert_file: valid_cert_file
metrics_path: "/api/v1/gateway/auth/login"
static_configs:
- targets: ['test.net:60004']
- job_name: 'DT31'
scheme: https
bearer_token: 'xxxxxxxx (generated from previous step)'
metrics_path: "/api/v1/
gateway/prometheus/generic"
params:
ssid: ['chk']
delta: ['true']
function: ['cccccc']
static_configs:
- targets: ['test.net:60004']
Julien Pivotto
Aug 25, 2021, 8:06:04 AM8/25/21
to Gokulasuriyan R.K, Prometheus Users
This is not possible.
What prometheus can do is to use Client Credentials OAuth2 flow.
On 25 Aug 04:58, Gokulasuriyan R.K wrote:
> Hi,
>
> I am using prometheus to monitor my microservice. I would like to Instruct
> Prometheus to do as follow:
>
> 1. API call to '/login' get the Bearer token using a client certificate
> (.cert and .key files).
> 2. Add the Bearer token as the 'Authorization' as a header in all API
> You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/e6cd7424-43bd-48c6-a320-e71fb18fbdccn%40googlegroups.com.
--
Julien Pivotto
@roidelapluie
What prometheus can do is to use Client Credentials OAuth2 flow.
On 25 Aug 04:58, Gokulasuriyan R.K wrote:
> Hi,
>
> I am using prometheus to monitor my microservice. I would like to Instruct
> Prometheus to do as follow:
>
> (.cert and .key files).
> 2. Add the Bearer token as the 'Authorization' as a header in all API
> call
>
> Is this possible ?
>
> *My config file:*
>
> Is this possible ?
>
>
> global:
> scrape_interval: 1m
> scrape_timeout: 30s
> external_labels:
> monitor: 'test_system'
>
> scrape_configs:
> - job_name: 'DT30'
> scheme: https
> tls_config:
> ca_file: valid_ca_file
> cert_file: valid_cert_file
> metrics_path: "/api/v1/gateway/auth/login"
> static_configs:
> - targets: ['test.net:60004']
>
> - job_name: 'DT31'
> scheme: https
> bearer_token: 'xxxxxxxx (generated from previous step)'
> metrics_path: "/api/v1/ gateway/prometheus/generic"
> params:
> ssid: ['chk']
> delta: ['true']
> function: ['cccccc']
> static_configs:
> - targets: ['test.net:60004']
>
> --
> global:
> scrape_interval: 1m
> scrape_timeout: 30s
> external_labels:
> monitor: 'test_system'
>
> scrape_configs:
> - job_name: 'DT30'
> scheme: https
> tls_config:
> ca_file: valid_ca_file
> cert_file: valid_cert_file
> metrics_path: "/api/v1/gateway/auth/login"
> static_configs:
> - targets: ['test.net:60004']
>
> - job_name: 'DT31'
> scheme: https
> bearer_token: 'xxxxxxxx (generated from previous step)'
> metrics_path: "/api/v1/ gateway/prometheus/generic"
> params:
> ssid: ['chk']
> delta: ['true']
> function: ['cccccc']
> static_configs:
> - targets: ['test.net:60004']
>
> You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/e6cd7424-43bd-48c6-a320-e71fb18fbdccn%40googlegroups.com.
--
Julien Pivotto
@roidelapluie
Gokulasuriyan R.K
Aug 25, 2021, 8:26:02 AM8/25/21
to Prometheus Users
Ok, Thanks to you.
Reply all
Reply to author
Forward
0 new messages