node_exporter/https
ksherryBAE aede04172c Adding TLS to node exporter - cleaner version (#1277)
Add support for https connections.

Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com>
Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com>
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
Signed-off-by: Ben RIdley <benridley29@gmail.com>
2019-11-16 00:12:57 +01:00
..
testdata Adding TLS to node exporter - cleaner version (#1277) 2019-11-16 00:12:57 +01:00
README.md Adding TLS to node exporter - cleaner version (#1277) 2019-11-16 00:12:57 +01:00
tls_config.go Adding TLS to node exporter - cleaner version (#1277) 2019-11-16 00:12:57 +01:00
tls_config_test.go Adding TLS to node exporter - cleaner version (#1277) 2019-11-16 00:12:57 +01:00
web-config.yml Adding TLS to node exporter - cleaner version (#1277) 2019-11-16 00:12:57 +01:00

HTTPS Package for Prometheus

The https directory contains a Go package and a sample configuration file for running node_exporter with HTTPS instead of HTTP. When running a server with TLS use the flag --web.config

e.g. ./node_exporter --web.config="web-config.yml" If the config is kept within the https directory.

The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.

##Sample Config:

tlsConfig :
  # Certificate and key files for server to use to authenticate to client
  tlsCertPath : <filename>
  tlsKeyPath : <filename>

  # Server policy for client authentication. Maps to ClientAuth Policies
  # For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
  [ clientAuth : <string> | default = "NoClientCert" ]

  # CA certificate for client certificate authentication to the server
  [ clientCAs : <filename> ]