为 Prometheus 目标配置 basic_auth [英] Configure basic_auth for Prometheus Target

问题描述

我的 prometheus.yml 配置文件中 static_configs 中的目标之一通过基本身份验证进行保护.结果，描述连接被拒绝"的错误被排除在外.在 Prometheus 目标页面中始终针对该目标显示.

One of the targets in static_configs in my prometheus.yml config file is secured with basic authentication. As a result, an error of description "Connection refused" is always displayed against that target in the Prometheus Targets' page.

我研究了如何设置 prometheus 以在尝试抓取特定目标时提供安全凭据，但找不到任何解决方案.我发现的是如何在文档的 scrape_config 部分进行设置.这对我不起作用，因为我有其他不受 basic_auth 保护的目标.请帮我解决这个挑战.

I have researched how to setup prometheus to provide the security credentials when trying to scrape that particular target but couldn't find any solution. What I found was how to set it up on the scrape_config section in the docs. This won't work for me because I have other targets that are not protected with basic_auth. Please help me out with this challenge.

这是我的 .yml 配置的一部分，关于我的挑战.

Here is part of my .yml config as regards my challenge.

scrape_configs:
  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
  - job_name: 'prometheus'

    # Override the global default and scrape targets from this job every 5 seconds.
    scrape_interval: 5s
    scrape_timeout: 5s

    # metrics_path defaults to '/metrics'
    # scheme defaults to 'http'.

    static_configs:
      
      - targets: ['localhost:5000']
        labels: 
          service: 'Auth'
      - targets: ['localhost:5090']
        labels:
          service: 'Approval'
      - targets: ['localhost:6211']
        labels:
          service: 'Credit Assessment'
      - targets: ['localhost:6090']
        labels:
          service: 'Sweep'
      - targets: ['localhost:6500']
        labels:

推荐答案

我想在@PatientZro 的回答中添加更多细节.

I would like to add more details to the @PatientZro answer.

就我而言，我需要创建另一个作业(如指定的那样)，但 basic_auth 需要与 job_name 的缩进级别相同.请参阅此处的示例.

In my case, I need to create another job (as specified), but basic_auth needs to be at the same level of indentation as job_name. See example here.

同样，我的 basic_auth 案例需要一个路径，因为它们没有显示在我的域的根目录中.

As well, my basic_auth cases require a path as they are not displayed at the root of my domain.

以下是指定了 API 端点的示例:

Here is an example with an API endpoint specified:

  - job_name: 'myapp_health_checks'
    scrape_interval: 5m
    scrape_timeout: 30s
    static_configs:
        - targets: ['mywebsite.org']
    metrics_path: "/api/health"
    basic_auth:
      username: 'email@username.me'
      password: 'cfgqvzjbhnwcomplicatedpasswordwjnqmd'

最好，

这篇关于为 Prometheus 目标配置 basic_auth的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！