Promconsulfetcher was made for consul and the idea behind is to give ability to fetch metrics from all services instance queried in a consul. This allow to aggregate metrics from a consul cluster where node and their port is not accessible by a prometheus instance.
User can retrieve is metrics by simply call /v1/services/[consul template style query]/metrics
which will merge all
metrics from service instances and add labels:
node_name
node_id
node_address
datacenter
service_id
service_name
service_address
service_port
Metrics from app instance 0:
go_memstats_mspan_sys_bytes{} 65536
Metrics from app instance 1:
go_memstats_mspan_sys_bytes{} 5600
become:
go_memstats_mspan_sys_bytes{node="node1",id="id1",address="host1",datacenter="dc1",service_id="id1",service_name="name",service_address="host1",service_port="4646",instance="172.76.112.90:61038"} 65536
go_memstats_mspan_sys_bytes{node="node2",id="id2",address="host2",datacenter="dc1",service_id="id2",service_name="name",service_address="host2",service_port="4646",instance="172.76.112.91:61010"} 65536
This is the same query style described here: https://github.com/hashicorp/consul-template/blob/master/docs/templating-language.md#service
It must have the form <TAG>.<NAME>@<DATACENTER>~<NEAR>
The <TAG>
attribute is optional; if omitted, all nodes will be queried.
The <DATACENTER>
attribute is optional; if omitted, the local datacenter is used.
The <NEAR>
attribute is optional; if omitted, results are specified in lexical order. If provided a node name, results
are ordered by shortest round-trip time to the provided node. If provided _agent
, results are ordered by shortest
round-trip time to the local agent.
You have nothing to do, you can retrieve app instances metrics by simply call one of:
- [my.promconsulfetcher.com/v1/services/[consul template style query]/metrics](my.promconsulfetcher.com/v1/services/{consul template style query}/metrics)
- [my.promconsulfetcher.com/v1/services/metrics?consul_query="[consul template style query]"](my.promconsulfetcher.com/v1/services/metrics?consul_query="[consul template style query]")
Add tag promconsulfetcher.metric_path=/my-metrics/endpoint
Add url param metric_path=/my-metrics/endpoint
, e.g.:
- [my.promconsulfetcher.com/v1/services/[consul template style query]/metrics?metric_path=/my-metrics/endpoint](my.promconsulfetcher.com/v1/services/{consul template style query}/metrics?metric_path=/my-metrics/endpoint)
Add tag promconsulfetcher.scheme=https
Add url param scheme=https
, e.g.:
- [my.promconsulfetcher.com/v1/services/[consul template style query]/metrics?scheme=https](my.promconsulfetcher.com/v1/services/{consul template style query}/metrics?scheme=https)
If you do a request with headers, they are all passed to app.
This is useful for authentication purpose, example on basic auth
- I have an app with metrics on
/metrics
but it is protected with basic authfoo
/bar
- You can perform curl:
curl https://foo:bar@my.promconsulfetcher.com/v1/services/my-app/metrics
- Basic auth header are passed to app and you can retrieve information (note that promconsulfetcher do not store anything)
Use /only-app-metrics
instead of /metrics
, e.g.:
- my.promconsulfetcher.com/v1/services/[org_name]/[space_name]/[app_name]/only-app-metrics
- my.promconsulfetcher.com/v1/services/only-app-metrics?app="[app_id]"
Please download latest release for your platform and run it with ./promconsulfetcher
, you will now have
access to http://localhost:8085
which is the user doc.
Of course, default configuration will not work in most context, to configure you write a config.yml
and configure as
described:
For understanding config definition format:
[]
means optional (by default parameter is required)<>
means type to use
# Port for listening
[ port: <int> | default = 8085]
# Port for listening health check
[ health_check_port: <int> | default = 8080]
# External url which give docs url to user
# This is an url pointing on this service of course
# using it let you separate logs part from user part
[ base_url: <string> | default = "http://localhost:8085" ]
# skip ssl validation when connecting to services found
[ skip_ssl_validation: <bool> ]
# set to true to enable ssl server
# you will need to set `tls_pem.cert_chain` and `tls_pem.private_key`
[ enable_ssl: <bool> ]
# CA(s) in pem format (multiple can bet set inside)
# which will be use when connecting on service
[ ca_certs: <string> ]
# tls cert and private key in pem format if you want to enable ssl
tls_pem:
cert_chain: <string>
private_key: <string>
log:
# log level to use for server
# you can chose: `trace`, `debug`, `info`, `warn`, `error`, `fatal` or `panic`
[ level: <string> | default = info ]
# Set to true to force not have color when seeing logs
[ no_color: <bool> ]
# et to true to see logs as json format
[ in_json: <bool> ]
# consul configuration for connecting
consul:
# Defines the address of the Consul server
[ address: <string> | default = "127.0.0.1:8500" ]
# Defines the URI scheme for the Consul server
[ scheme: <string> | default = "http" ]
# Defines the datacenter to use.
# If not provided, Consul uses the default agent datacenter
[ datacenter: <string> ]
# Token is used to provide a per-request ACL
# token which overwrites the agent's default token.
[ token: <string> ]
# Limits the duration for which a Watch can block.
# If not provided, the agent default values will be used.
[ endpoint_wait_time: <string> ]
# Defines the TLS configuration used for the secure connection to Consul Catalog
tls:
# the path to the certificate authority used for the secure
# connection to Consul Catalog, it defaults to the system bundle
[ ca: <string> ]
# the path to the public certificate used for the secure
# connection to Consul Catalog. When using this option,
# setting the key option is required
[ cert: <string> ]
# the path to the private key used for the secure
# connection to Consul Catalog. When using this option,
# setting the cert option is required
[ key: <string> ]
# if true, the TLS connection to Consul accepts any certificate
# presented by the server regardless of the hostnames it covers
[ skip_ssl_validation: <bool> ]
# Used to authenticate the HTTP client using HTTP Basic Authentication
http_auth:
# Username to use for HTTP Basic Authentication
[ username: <string> ]
# Password to use for HTTP Basic Authentication
[ password: <string> ]
Promconsulfetcher expose metrics on /metrics
:
promconsulfetcher_metric_fetch_failed_total
: Number of non fetched metrics without be an normal error.promconsulfetcher_metric_fetch_success_total
: Number of fetched metrics succeeded for an app (app instance call are summed).promconsulfetcher_latest_time_scrape_route
: Last time that route has been scraped in seconds.promconsulfetcher_scrape_route_failed_total
: Number of non fetched metrics without be an normal error.
Promconsulfetcher when receiving a SIGINT or SIGTERM or SIGUSR1 signal will stop listening new connections and will wait to finish opened requests before stopping. If opened requests are not finished after 15 seconds the server will be hard closed.
Health check is available by default on port 8080. If promconsulfetcher is not healthy or not yet healthy it will respond a 503 error, if not it will respond a 200.
User can send a USR1
signal on promconsulfetcher to set unhealthy on health check in addition to stop gracefully.