nomad
/
postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add conf fragment to expose patroni prometheus metrics

This commit is contained in:
Daniel Berteaud 2023-10-30 11:53:58 +01:00
parent d690f16a66
commit 2139d4d44d
2 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
postgres.nomad.hcl
View File

@ -331,7 +331,7 @@ _EOT
[[- if $c.prometheus.enabled ]]
[[ template "common/task.metrics_proxy.tpl" $c ]]
[[ template "common/task.metrics_proxy.tpl" merge (dict "prometheus" (dict "additional_proxy_conf" (tmpl.Exec "postgres/nginx_patroni.conf.tpl" $c))) $c ]]
task "exporter" {
driver = [[ $c.nomad.driver | toJSON ]]

27
templates/nginx_patroni.conf.tpl Normal file
View File

@ -0,0 +1,27 @@
server {
listen {{ env "NOMAD_ALLOC_PORT_patroni-metrics" }} ssl http2;
ssl_certificate /secrets/metrics.bundle.pem;
ssl_certificate_key /secrets/metrics.bundle.pem;
ssl_client_certificate /local/monitoring.ca.pem;
ssl_verify_client on;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1h;
ssl_session_tickets off;
gzip on;
gzip_types
text/plain;
gzip_vary on;
server_tokens off;
if ($request_method !~ ^(GET|HEAD)$ ) {
return 405;
}
location /metrics {
proxy_pass https://localhost:{{ env "NOMAD_ALLOC_PORT_patroni" }}/metrics;
proxy_ssl_verify off;
}
}