On 07/02/17 02:25, Andrew Wilkins wrote: > Hi folks, > > In the release notes there was an innocuous line about introspection > endpoints added to the controller. What this really means is that you can > now monitor Juju controllers with Prometheus. Juju controllers export > metrics, including: > - API requests (total number and latencies by facade/method, grouped by > error code) > - numbers of entities (models, users, machines, ...) > - mgo/txn op counts > > We're working on getting the online docs updated. In the mean time, please > refer to https://github.com/juju/docs/issues/1624 for instructions on how > to set up Prometheus to scrape Juju. It would be great to get some early > feedback.
Hi Andrew, Thanks! Those metrics will be super useful, I will try to find some time to look into them properly. Some early feedback: 1. Your docs say the metrics endpoint requires authentication. I think this can be problematic for people who run multiple controllers or recycle them often. Secrets set up requires manual steps and they need to be distributed to prometheus server. It would be very useful to allow unauthenticated access and rely on firewalls to restrict access (approach followed by most prometheus exporters I looked at). 2. You don't offer option to downgrade to HTTP which is problematic as well IMO. Similar to above it's an obstacle users have to go through before they can scrape targets, manual steps are required, CA certs need to be shipped around. It would be very convenient if users could explicitly fall back to http and let other layers to provide security. Basically I think letting users enable unauthenticated HTTP endpoint for prometheus metrics would be big usability win. Thanks, Jacek
signature.asc
Description: OpenPGP digital signature
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju
