Prometheus node exporter 启用TLS安全证书并设置帐号密码访问

1、生成SSL证书

openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout node_exporter.key -out node_exporter.crt -subj "/C=CN/ST=Beijing/L=Beijing/O=abc.com/CN=abc.com"

命令执行完在当前目录生成2个文件node_exporter.crt、node_exporter.key

2、配置Node exporter开启TLS

htpasswd -nBC 12 '' | tr -d ':\n' #生成密码

vi auth_config.yml

tls_server_config:
  cert_file: /home/tls/node_exporter.crt
  key_file: /home/tls/node_exporter.key
basic_auth_users:
  kyj0eytz@wilkey.vip: $2y$12$WLw2sYa.NY0NhTn0EvpefLHeuG.l7TAH9Wzd9HlK1H8ZuDo9EAGKK0i

3、指定配置文件启动

./node_exporter --web.config=auth_config.yml

4、修改prometheus配置

 - job_name: 'host'
    scheme: https
    tls_config:
      ca_file: node_exporter.crt
    basic_auth:
      username: kyj0eytz@wilkey.vip
      password: 123456
    static_configs:
    - targets: ['10.10.8.90:9100']

curl -X POST http://10.10.8.90:9090/-/reload重新加载

参考：

https://prometheus.io/docs/prometheus/latest/configuration/https/

Prometheus node exporter 启用TLS安全证书并设置帐号密码访问

logstash配置Elasticsearch默认index Template

k8s踩坑记录

wilkey

Comments | NOTHING