Prometheus
Enabling Prometheus Support
Prometheus support must be explicitly enabled by modifying the configuration file located at /etc/bondixserver.json or /etc/saneserver.json. You can either:
- Serve Prometheus metrics over the default HTTPS port, or
- Configure a dedicated listener for Prometheus metrics.
Once enabled, Prometheus metrics will be accessible at:
https://<server-ip>/metrics
Serving Prometheus Over the Default HTTPS Port
To enable Prometheus on the default HTTPS port, update your bondixserver.json configuration file.
Modify the Configuration
Locate the following line:
{"target": "server", "action": "add-https", "host": "0.0.0.0", "port": "443", "allowMonitor": true},
Add the following properties:
| Property | Value | Description |
|---|---|---|
allowPrometheus
|
true
|
Enables Prometheus metric reporting |
prometheusUser
|
<username>
|
(Optional) If set, metrics require authentication |
prometheusPassword
|
<password>
|
(Optional) Password for authentication. Both username and password must be provided, otherwise metrics remain unprotected. |
Example Configuration
Your modified configuration should look something like this:
{"target": "server", "action": "add-https", "host": "0.0.0.0", "port": "443", "allowMonitor": true, "allowPrometheus": true, "prometheusUser": "prometheus", "prometheusPassword": "a-good-password"}
Serving Prometheus Over a Dedicated Port
To run Prometheus metrics on a dedicated port, add a new configuration entry to bondixserver.json. This ensures only Prometheus metrics are served. You can choose between HTTP and HTTPS.
Example Configuration
The following configuration allows Prometheus metrics on a dedicated port while restricting other services:
{"target": "server", "action": "add-http", "host": "127.0.0.1", "port": "181818", "allowMonitor": false, "allowTunnel": false, "allowPrometheus": true, "prometheusUser": "prometheus", "prometheusPassword": "a-good-password"}
Configuration Notes:
- Use
"action": "add-http"for HTTP or"action": "add-https"for HTTPS. - Adjust the
hostandportas per your requirements. - If other security measures restrict access to the port, authentication (
prometheusUserandprometheusPassword) may be optional.
Adding Bondix Server to Prometheus
To configure Prometheus to scrape metrics from the Bondix server, add the following snippet to your Prometheus configuration file:
- job_name: 'endpoints'
static_configs:
- targets: ['your_endpoint_server.com']
scheme: https
basic_auth:
username: 'prometheus'
password: 'a-good-password'
tls_config:
insecure_skip_verify: true
enable_http2: false
This configuration enables Prometheus to securely scrape metrics over HTTPS with basic authentication.
By following these steps, you can successfully integrate Prometheus metrics into your Bondix server setup while ensuring security and accessibility as per your requirements.
