Allow config to restrict hosts allowed to scrape metrics
Bug #1890102 reported by
Haw Loeung
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Telegraf Charm |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Hi,
It looks like telegraf has an option to restrict access to specific hosts allowed to scrape metrics:
| [[outputs.
| ## Use HTTP Basic Authentication.
| # basic_username = "Foo"
| # basic_password = "Bar"
|
| ## If set, the IP Ranges which are allowed to access metrics.
| ## ex: ip_range = ["192.168.0.0/24", "192.168.1.0/30"]
| # ip_range = []
Can we have the charm expose these two? Specifically, we'd like ip_range but basic authentication I think would also be useful for users.
Thanks,
Haw
Related branches
~barryprice/charm-telegraf:add_ip_range_support
- Haw Loeung: Approve (+1)
- Canonical IS Reviewers: Pending requested
- BootStack Reviewers: Pending requested
-
Diff: 188 lines (+57/-9)5 files modifiedsrc/config.yaml (+6/-0)
src/reactive/telegraf.py (+27/-7)
src/templates/prometheus_client.tmpl (+1/-0)
src/tests/functional/tests/bundles/bionic-monitoring.yaml (+1/-0)
src/tests/unit/test_telegraf.py (+22/-2)
~sajoupa/charm-telegraf:add_ip_range_support
Superseded
for merging
into
charm-telegraf:master
- Haw Loeung: Approve (+1)
- BootStack Reviewers: Pending requested
-
Diff: 188 lines (+57/-9)5 files modifiedsrc/config.yaml (+6/-0)
src/reactive/telegraf.py (+27/-7)
src/templates/prometheus_client.tmpl (+1/-0)
src/tests/functional/tests/bundles/bionic-monitoring.yaml (+1/-0)
src/tests/unit/test_telegraf.py (+22/-2)
Changed in charm-telegraf: | |
importance: | Undecided → Wishlist |
Changed in charm-telegraf: | |
assignee: | nobody → Laurent Sesques (sajoupa) |
Changed in charm-telegraf: | |
status: | New → In Progress |
Changed in charm-telegraf: | |
assignee: | Laurent Sesques (sajoupa) → Barry Price (barryprice) |
status: | In Progress → Fix Committed |
Changed in charm-telegraf: | |
status: | Fix Committed → Fix Released |
assignee: | Barry Price (barryprice) → nobody |
To post a comment you must log in.
Any chance this could be prioritised higher? We have machines deployed on edge and in various public clouds where Juju would open up access to all. Would be nice to lock down / restrict at least via ip_range.