ForgeRock Prometheus Monitoring on Kubernetes

This topic contains 5 replies, has 3 voices, and was last updated by  Nicolas Seigneur 1 year, 2 months ago.

  • Author
    Posts
  • #21941
     Nicolas Seigneur 
    Participant

    Having used Prometheus Monitoring in our infrastructure for over a year, we were very excited to see ForgeRock adding support for Prometheus Metrics in the complete 6.0 release.

    We wanted to share more with the ForgeRock Community, specifically around DevOps. For that reason, we have started a new blog with two entries explaining the concepts and providing more details on our current implementation.

    You can head over to our Blog Entry and discuss any questions you may have in this entry. We hope to provide more content in the near future, let us know what you would like to see!

    Nicolas

    #21942
     Warren Strange 
    Participant

    Awesome! Thanks for sharing Nicolas.

    #21944
     JnRouvignac 
    Participant

    Thanks a lot! We’re very happy to hear about the positive feedback!

     

    Also from http://idstacks.io/blog_prom_2.html, note that this statement is not true:

    One important note is that Directory Services /metrics/prometheus does not support anonymous HTTP requests, they must be authenticated, for that reason, we first had to create a Kubernetes secret.

    You can enable anonymous access like this (although non anonymous is more secure):

    bin/dsconfig -h opendj.example.com -p 4444 -D "cn=Directory Manager" -w password --trustAll --no-prompt set-http-endpoint-prop --endpoint-name /metrics/prometheus --set authorization-mechanism:HTTP\ Anonymous

    I also noted a typo: “Direcrory”

    #21945
     JnRouvignac 
    Participant

    Oh and does http://idstacks.io/blog.html have an RSS or Atom feed to which I can subscribe?

    #21967
     Nicolas Seigneur 
    Participant

    Thanks for the feedback JnRouvignac.

    Regarding setting /metrics/prometheus as HTTP\ Anonymous we did try to set this with the interactive dsconfig and it was rejected, this was before we ran the server in --productionMode. I will clarify in our post that it is protected by default.

    Adding RSS feed to the blog is on top of the list, we will add a feed along with our post.

    Nicolas

    #21968
     Nicolas Seigneur 
    Participant

    I corrected the entry and I have added a simple RSS feed to our Main Page and Blog, you should be able to pick it up under http://idstacks.io/

    Thanks again for pointing this out.

    Nicolas

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?