czerwonk
Specifying targets in prometheus and credentials in config file
Hi, I'd like to specify targets in prometheus(which is there) along with credentials in config file. Seems like if configure the exporter with -config.ignore-targets, it does not use the credentials from the file any more and gives below error. I don't want to specify credentials using while running the binary and but keep it in a file and lock it down.
Error
Error while trying to reach another device specified in targets in prometheus
could not initialize config for device junos-test-1: no valid authentication method available.
Let me know if this is not available or if there is something i'm doing wrong. At some point, i'd like to use file discovery and add remove junos devices since we have about 40 of them. Thanks.
Version: 0.9.5 of the exporter
this is how its running. im using a the binary. /path/junos_exporter -config.file=/path/junos_exporter_config.yml -config.ignore-targets
Config File - junos_exporter_config.yml
global:
username: junos
password: junos
features:
bgp: true
ospf: false
isis: false
nat: false
ldp: false
l2circuit: false
environment: true
routes: true
routing_engine: true
interface_diagnostic: true
fpc: true
Prometheus config
- job_name: junos_exporter
scrape_interval: 60s
scrape_timeout: 30s
static_configs:
- targets:
- junos-test-1
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9326
I'm not sure if v0.9.5 has this functionality, but I'm running the latest commit and have gotten the exporter to work as follows.
junos_exporter_config.yml
devices:
- host: junos-test-1
username: someUser
password: password123
- host: junos-test-2
username: someOtherUser
password: password456
...
- host: junos-test-40
username: someUser
password: password123
features:
bgp: true
ospf: false
isis: false
nat: false
ldp: false
l2circuit: false
environment: true
routes: true
routing_engine: true
interface_diagnostic: true
fpc: true
Prometheus config
- job_name: junos_exporter
scrape_interval: 60s
scrape_timeout: 45s
static_configs:
- targets:
- junos-test-1
- junos-test-2
...
- junos-test-40
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9326
Sometimes a scrape will take over 30 seconds for a particular device, just be aware of that and increase your scrape timeout.
@pgporada Thanks for ur response. I am currently using it the way you specified. Would be better to specify the targets at Prometheus so that I can use some automation and add/delete targets at one place and not split brain. Also, would be great if the -config.ignore-targets flag doesn't use the targets in the config file but does use the other config like credentials, features etc.
Would be better to specify the targets at Prometheus so that I can use some automation and add/delete targets at one place and not split brain.
I don't know if that's possible, but if it is I'd like to know how to do it too.
@czerwonk is this something that can be worked on? I see tynany/junos_exporter seems to have done something similar..
It would be possible to define credentials not related to a special device and use an special route to get the metrics for a single device. I've done that with several other exporters. Since this is not seen as best practice I would add this as optional feature.
