chrony_exporter icon indicating copy to clipboard operation
chrony_exporter copied to clipboard

Published 20 hours ago verified publisher icon SuperQ

Metadata

Exporter for Chrony NTP

Prometheus Chrony Exporter

Build Status Docker Repository on Quay Go Reference

This is a Prometheus Exporter for Chrony NTP.

Installation

For most use-cases, simply download the the latest release.

Building from source

You need a Go development environment. Then, simply run make to build the executable:

make

This uses the common prometheus tooling to build and run some tests.

Building a Docker container

You can build a Docker container with the included docker make target:

make promu
promu crossbuild -p linux/amd64 -p linux/arm64
make docker

This will not even require Go tooling on the host.

Running in a container

Because chrony only listens on the host localhost, you need to adjust the default chrony address

docker run \
  -d --rm \
  --name chrony-exporter \
  -p 9123:9123 \
  quay.io/superq/chrony-exporter \
  --chrony.address=host.docker.internal:323

Running

A minimal invocation looks like this:

./chrony_exporter

Supported parameters include:

  • --web.listen-address: the address/port to listen on (default: ":9123")
  • --chrony.address: the address/port (UDP) or path to Unix socket used to connect to chrony (default: "[::1]:323")
  • --collector.sources: Enable/disable the collection of chronyc sources metrics. (Default: Disabled)
  • --collector.tracking: Enable/disable the collection of chronyc tracking metrics. (Default: Enabled)
  • --collector.serverstats: Enable/disable the collection of chronyc serverstats metrics. This collector only works when chrony is accessed through the Unix socket. (Default: Disabled)
  • --collector.dns-lookups: Enable/disable reverse DNS Lookups. (Default: Enabled)

To disable a collector, use --no-. (i.e. --no-collector.tracking)

By default, the exporter will bind on :9123.

In case chrony is configured to not accept command messages via UDP (cmdport 0) the exporter can use the unix command socket opened by chrony. In this case use the command line option --chrony.address=unix:///path/to/chronyd.sock to configure the path to the chrony command socket. On most systems chrony will be listenting on unix:///run/chrony/chronyd.sock. For this to work the exporter needs to run as root or the same user as chrony. When the exporter is run as root the flag collector.chmod-socket is needed as well.

Prometheus Rules

You can use Prometheus rules to pre-compute some values.

For example, the maximum clock error can be computed from several metrics as documented in the Chrony man pages.

groups:
  - name: Chrony
    rules:
      - record: instance:chrony_clock_error_seconds:abs
        expr: >
          abs(chrony_tracking_last_offset_seconds)
          +
          chrony_tracking_root_dispersion_seconds
          +
          (0.5 * chrony_tracking_root_delay_seconds)

TLS and basic authentication

The Chrony Exporter supports TLS and basic authentication.

To use TLS and/or basic authentication, you need to pass a configuration file using the --web.config.file parameter. The format of the file is described in the exporter-toolkit repository.

Metadata

26
Stars
8
Forks
Watchers

Owner

verified publisher icon SuperQ

Metadata

Exporter for Chrony NTP

Back