collectd_exporter
collectd_exporter copied to clipboard
prometheus
HTTPS endpoint
Hi,
Is there any work planned for adding TLS support (like in node_exporter) to server accessed by prometheus? I know that question was asked and answered few years ago but maybe there is some update.
Thanks, Kamil
It appears that github.com/prometheus/node_exporter/https exports everything needed to set the TLS context up in the same way as the node_exporter, which seems to me like a reasonable thing to do.
The change itself would be really simple, basically after importing https package and adding config file flag, it could be just:
- if err := http.ListenAndServe(*listenAddress, nil); err != nil {
+ server := &http.Server{Addr: *listenAddress}
+ if err := https.Listen(server, *tlsConfigFile, logger); err != nil {
but... using github.com/prometheus/node_exporter/https bumps up dependencies in go.mod
require (
collectd.org v0.3.1-0.20181025072142-f80706d1e115
- github.com/go-kit/kit v0.8.0
- github.com/prometheus/client_golang v1.0.0
- github.com/prometheus/common v0.4.1
- golang.org/x/sys v0.0.0-20190422165155-953cdadca894 // indirect
+ github.com/go-kit/kit v0.10.0
+ github.com/prometheus/client_golang v1.4.1
+ github.com/prometheus/common v0.9.1
+ github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200503194828-0c532984b7a6
gopkg.in/alecthomas/kingpin.v2 v2.2.6
)
which makes this change a lot heavier. Additionally, as make all requires /vendor update with go mod vendor, it would lead to:
467 files changed, 264071 insertions(+), 2576 deletions(-)
What approach do you recommend? Thanks
We want to move the https package to github.com/prometheus/common before we start importing it into other projects. We're going through a security review of the code in the next couple months. When the security review is complete, we'll move the package.
I added https://github.com/prometheus/collectd_exporter/pull/94 to get the vendoring up to date, should make this diff smaller.