Prometheus cannot access etcd targets created by relation
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Etcd Charm |
Fix Released
|
High
|
Adam Dyess |
Bug Description
When we related etcd to prometheus, a manual job is added with the following config:
- job_name: etcd-cecc7935-
scheme: https
static_configs:
- targets:
- 10.50.13.59:2379
- 10.50.13.86:2379
- 10.50.13.77:2379
But in the targets page of the webui I see it's having ssl errors:
Get "https:/
I tried adding the following:
tls_config:
insecure_
But then the new error on connection is:
Get "https:/
It seems we need a valid client certificate to communicate with etcd.
Since etcd supports the relation with prometheus, it should take care of passing all the necessary bits to enable the communication.
In case it matters, this is prometheus2 charm, stable channel, rev 33 and etcd from the latest/stable channel, rev 724. Both deployed on focal.
Changed in charm-etcd: | |
status: | Triaged → In Progress |
assignee: | nobody → Adam Dyess (addyess) |
milestone: | none → 1.27+ck1 |
Changed in charm-etcd: | |
status: | Fix Committed → Fix Released |
Thanks for the report. The Prometheus job is defined by the etcd charm in the register_ prometheus_ jobs handler[1]. Looking at the prometheus-manual interface definition[2], it should be possible to provide client certificates to the register_job call.
[1]: https:/ /github. com/charmed- kubernetes/ layer-etcd/ blob/ae98be0046 953ced628f682ee e266d0e875a62b0 /reactive/ etcd.py# L904-L912 /github. com/juju- solutions/ interface- prometheus- manual/ blob/51094180f3 8de3e66afcda5e5 20cd0b895e88c26 /provides. py#L17- L25
[2]: https:/