--- tags: - groupvps - firewall - "#prometheus" --- # Create scrape config `roles/prometheus/hostnet/onecom-prometheus-scrape-config-vps-gobs.json` # Testing the endpoint https://prometheus1.env.vps1-lej1.one.com/targets?search=&scrapePool=gobs # Metrics only accessible over HTTPS ``` commit e1e36bd073c8faf777577a41eb2eb67035e917b2 (HEAD -> master, upstream/master, upstream/HEAD, origin/master) Author: Ihor Piddubnyak Date: Mon Jan 27 13:24:30 2025 +0100 onecom-prometheus-relabel-config-vps-gobs role to scrape https from gobs diff --git a/roles/prometheus/hostnet/onecom-prometheus-relabel-config-vps-gobs.json b/roles/prometheus/hostnet/onecom-prometheus-relabel-config-vps-gobs.json new file mode 100644 index 0000000000..a18adccf7c --- /dev/null +++ b/roles/prometheus/hostnet/onecom-prometheus-relabel-config-vps-gobs.json @@ -0,0 +1,21 @@ +{ + "name": "onecom-prometheus-relabel-config-vps-gobs", + "description": "Role for configuration of Prometheus gabs scrape to get metrics with https", + "json_class": "Chef::Role", + "default_attributes": { + "prometheus": { + "server": { + "scrape_configs": { + "gobs": { + "scheme": "https", + "tls_config": { + "insecure_skip_verify": true + } + } + } + } + } + }, + "chef_type": "role" +} + diff --git a/roles/prometheus/onecom-prometheus-server.json b/roles/prometheus/onecom-prometheus-server.json index 6b430e4171..1089f6bb73 100644 --- a/roles/prometheus/onecom-prometheus-server.json +++ b/roles/prometheus/onecom-prometheus-server.json @@ -53,6 +53,7 @@ "role[pl-onecom-prometheus]", "role[onecom-prometheus-scrape-config-thanos-sidecar]", "role[onecom-prometheus-relabel-config-thanos]", + "role[onecom-prometheus-relabel-config-vps-gobs]", "role[onecom-prometheus-pdns-passwd]", ``` # Zeh Firewall https://gitlab.group.one/systems/chef-repo/-/merge_requests/2838 base servers need to have a fw rule added to allow traffic out from prom to service/port. if in same vlan no need for a rule on the gateways