metrics icon indicating copy to clipboard operation
metrics copied to clipboard
verified publisher icon VictoriaMetrics

Custom httpclient support

Open chou-godaddy opened this issue 9 months ago • 2 comments

Problem

I need to push metrics that requires mutual TLS authentication with client certificates. The current implementation in push.go uses a private HTTP client that can't be customized from outside the package.

This creates a dilemma:

  1. Either modify the global HTTP DefaultTransport (which affects all HTTP clients in the application)
  2. Or create a custom pusher with a custom HTTP client with specific TLS configuration

Question

Has anyone else needed to push metrics to the storage endpoint requiring client certificates or custom TLS configurations? How have you solved this problem?

Potential Solutions

I see a few possible ways to address this:

  1. Add a CustomClient field to the existing PushOptions struct
  2. Create new functions that accept a custom HTTP client

I'd appreciate any guidance on the best approach that aligns with the project's design philosophy before submitting a pull request.

chou-godaddy avatar Apr 01 '25 08:04 chou-godaddy

For handling mTLS authentication, we recommend placing vmauth in front of Victoriametrics and use vmauth for handling mTLS. You can also handle mTLS using a different reverse proxy like Traefik

tiny-pangolin avatar Apr 01 '25 13:04 tiny-pangolin

In scenarios where there is network isolation or restrictions, it is necessary to provide a custom http.Client to define a proxy. It may also be required to use a custom DialContext to obtain network connections. Without the ability to supply a custom http.Client, the only alternative would be to modify the global http.DefaultTransport, which could cause issues for other HTTP requests in the application.

xmx avatar Nov 20 '25 09:11 xmx