chrony_exporter icon indicating copy to clipboard operation
chrony_exporter copied to clipboard
verified publisher icon SuperQ

How to run chrony exporter

Open fatal56ty opened this issue 1 year ago • 2 comments

How to run chrony exporter on raspberry pi? Docker is working, chrony is working, prometheus working. Only chrony metric in prometheus is (there is other metric, like go_*) HELP chrony_up Whether the chrony server is up. TYPE chrony_up gauge chrony_up 0

Firewall is OK, docker runnig on raspberry, where is chrony installed and running.

In log in chrony exporter is : ts=2024-08-25T09:04:59.072Z caller=main.go:90 level=info msg="Starting chrony_exporter" version="(version=0.10.1, branch=HEAD, revision=cdc0e9642fc3a55c53b7b52eb66ee0bf37f1061b)" ts=2024-08-25T09:04:59.076Z caller=tls_config.go:313 level=info msg="Listening on" address=[::]:9123 ts=2024-08-25T09:04:59.076Z caller=tls_config.go:316 level=info msg="TLS is disabled." http2=false address=[::]:9123 ports on raspberry pi: udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* udp UNCONN 0 0 [::1]:323 *:*

I try ip and unix socket, IP i try ip address of raspberry pi in local network, 172.17.0.1- ip gateway from docker and 127.0.0.1. Firewall is OK. docker run \ -d \ --restart unless-stopped \ --name chrony-exporter \ -p 9123:9123 \ --volume /run/chrony:/run/chrony:ro \ quay.io/superq/chrony-exporter \ --chrony.address=unix:///run/chrony/chronyd.sock \ --collector.chmod-socket

docker run \ -d \ --restart unless-stopped \ --name chrony-exporter \ -p 9123:9123 \ quay.io/superq/chrony-exporter \ --chrony.address=<IP_ADRESA_RASPBERRY_PI>:323

Any ideas?

fatal56ty avatar Aug 25 '24 09:08 fatal56ty

I agree that the documentation isn't clear about how to run it in Docker. It gives hints to what to configure but there is no complete example.

So here's my working Docker compose config:

  chrony_exporter:
    image: quay.io/superq/chrony-exporter
    ports:
      - "9123:9123"
    user: "118" # Same as chrony user on host. Could use "root" 
    command: --chrony.address=unix:///run/chrony/chronyd.sock --collector.chmod-socket --collector.tracking --collector.sources --collector.serverstats
    restart: unless-stopped
    volumes:
      - /run/chrony:/run/chrony

And somehow it didn't work when I volume mapped just the socket file, so I'm giving it the whole /run/chrony folder 🤷

chris03 avatar Sep 04 '24 01:09 chris03

Here are my two YAML for k8s. I'd like to measure for a specific NTP server, so I added a initContainer to add one but it's optional.

  1. Use Unix socket. Same as @chris03, it seems I have to mount the whole /run/chrony/, since the exporter seems doing something in it.
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  namespace: monitoring
  name: chrony-exporter
  labels:
    app: chrony-exporter
spec:
  selector:
    matchLabels:
      app: chrony-exporter
  template:
    metadata:
      labels:
        app: chrony-exporter
    spec:
      volumes:
        - name: chronyc
          hostPath:
            path: /usr/
            type: Directory
        - name: chronyd-socket
          hostPath:
            path: /run/chrony/
            type: Directory
      initContainers:
        - name: chronyc
          image: amazonlinux:2023
          command: ["/bin/sh", "-c"]
          args:
            - "/usr/bin/chronyc add server X.X.X.X iburst || true"
          volumeMounts:
            - mountPath: /usr/
              name: chronyc
            - mountPath: /run/chrony/
              name: chronyd-socket
      containers:
        - name: chrony-exporter
          image: quay.io/superq/chrony-exporter:latest
          args:
            - "--chrony.address=unix:///run/chrony/chronyd.sock"
            - "--collector.chmod-socket"
            - "--collector.sources"
            - "--no-collector.tracking"
            - "--log.level=info"
          securityContext:
            runAsUser: 997  # uid of chrony.sock owner, 0 for root also works
          ports:
            - containerPort: 9123
              name: metrics
              protocol: TCP
          volumeMounts:
            - mountPath: /run/chrony/
              name: chronyd-socket
  1. Use host network looks a little easier for the exporter
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  namespace: monitoring
  name: chrony-exporter
  labels:
    app: chrony-exporter
spec:
  selector:
    matchLabels:
      app: chrony-exporter
  template:
    metadata:
      labels:
        app: chrony-exporter
    spec:
      volumes:
        - name: chronyc
          hostPath:
            path: /usr/
            type: Directory
        - name: chronyd-socket
          hostPath:
            path: /run/chrony/
            type: Directory
      hostNetwork: true
      initContainers:
        - name: chronyc
          image: amazonlinux:2023
          command: ["/bin/sh", "-c"]
          args:
            - "/usr/bin/chronyc add server X.X.X.X minpoll 4 maxpoll 5 || true"
          volumeMounts:
            - mountPath: /usr/
              name: chronyc
            - mountPath: /run/chrony/
              name: chronyd-socket  # still required by chronyc by default
      containers:
        - name: chrony-exporter
          image: quay.io/superq/chrony-exporter:latest
          args:
            - "--collector.sources"
            - "--no-collector.tracking"
            - "--log.level=info"
          ports:
            - containerPort: 9123
              name: metrics
              protocol: TCP

kyleli666 avatar Dec 15 '24 15:12 kyleli666

For a raspberry pi, I recommend the chrony_exporter role.

SuperQ avatar Nov 04 '25 08:11 SuperQ