7,540
edits
Changes
→Using HAproxy Metric Endpoint
=Using HAproxy Metric Endpoint=
HAproxy has a built-in metric endpoint, which by default provides Prometheus metrics. Most , but most of the its metrics it provides are not really usable. There are two metrics metric types that are worth using in prometheusmentioning. One of them counts the responses with 200 http code, and the other counts the responses with 500(bad request).
The metric endpoint (/metrics) is turend turned on by default. This can be turned off, but HAProxy will still collect metrics in the background. The HAproxy pod is made up of two components. One is HAproxy itself and the other is the router-controller that manages the HAproxy configuration. Metrics are collected from both components every 5 seconds by the metric manager. Frontend and backend metrics are bot both collected, grouped by services.
:[[File:ClipCapIt-190808-094455.PNG|600px]]
== Query Metrics ==
There are two ways to query metrics.
# Basic authentication with username + password: Basic authentication calls the / metrics http endpoint to query the metrics.# query from Authentication with Kubernetes using RBAC Rules: For machine processing (e.g. in Prometheus) it is possible to enable RBAC rules rule based authentication for a given service -account to query the metrics.
<br>
=== User + password based authentication ===
The default metric metrics URL is:
<pre>
http: // <user>: <password> @ <router_IP> :<STATS_PORT> / metrics
</pre>
router ClusterIP 172.30.130.191 <none> 80/TCP,443/TCP,1936/TCP 4d
</pre>
You can see that there is an extra port listed upon the default 80 and 433, that is the '''1936'' ', which that is the port of the metrics endpoint.
Now, let's look at examine the definition of the service definition to extract the user username and passpassword:
<source lang="C++">
# kubectl get svc router -n default -o yaml
According to this, the URL of the metrics endpoint using the node's IP address, (minishfit IPin the example), is the URL for the metrics endpoint isfollowing: http://admin:4v9a7ucfMi@192.168.42.64:1936/metrics (You can't invoke this URL in web-browsers as they aren't familiar with this format, use curl for testing itin the command line)
<pre>
# curl admin:4v9a7ucfMi@192.168.42.64:1936/metrics
# HELP apiserver_audit_event_total Counter of audit events generated and sent to the audit backend.
It is possible to query the HAproxy metrics not only with basic authentication, but also with RBAC rules.
<br>
'''cr-prometheus-server-route.yaml'''
The second step is to create a '''ClusterRoleBinding''' that binds the Prometheus serviceAccount belonging to the Prometheus server with the new role.
<br>
'''crb-prometheus-server-route.yaml'''