On Friday, 18 September 2020 11:27:06 UTC+1, [email protected] wrote: > > I am confused when you say " Any service discovery mechanism can be used > to scrape either HTTP or HTTPS targets" > > 1. Can Prometheus scrape TLS and non-TLS targets at the same time using a > single k8s scrape job? If yes, could you point me an example configuration? >
What do you mean by a "k8s scrape job"? Do you mean a prometheus scrape job which uses a kubernetes_sd_config <https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config> to identify targets to scrape? > Lets say we have service A, B, C and D deployed on k8s. Only A and B > exposes metrics over TLS. C and D expose over non-TLS. > Could you point me how mTLS configuration and k8s scrape configuration > look like? > You need some way to distinguish the hosts which are exposing metrics over TLS, and those which are not. For example, perhaps there is a kubernetes label which can tell you whether it's HTTP or HTTPS. Then you can add a step in your metric relabelling to set __scheme__ accordingly. I suggest you: - show your current scrape config - explain how you can distinguish between HTTP and HTTPS endpoints - then it should be possible to amend your config to set __scheme__ However this seems odd to me, and you might want to explain *why* some endpoints are TLS and some are not. Are the TLS and non-TLS endpoints listening on different ports? If so, you'll need to relabel __address__ as well. -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/e35ef888-d896-4bc8-ad47-31818ed6cee8o%40googlegroups.com.
