I have an application that will be monitored by Prometheus,
but the application need the custom header key like :
x-auth-token: <customrandomtoken>
What should I do with prometheus.yml?
Prometheus itself does not have a way to define custom headers in order to reach an exporter. The idea of adding the feature was discussed in this GitHub issue. Tl;dr: if you need a custom header, inject it with a forward proxy (I posted an example in another answer).
The prometheus-blackbox-exporter tag suggest that the question is about the exporter that makes probes, which is a separate thing and it does have a way to set headers. Only, it does not scrape metrics, it makes them.
Blackbox exporter has it's own configuration file and it consists of modules. A module is a set of parameters, defining how to do the probe and what result to expect. Here is an example of a module that looks for 200-299 response code and uses X-Auth-Token header:
modules:
http_2xx_with_header:
prober: http
http:
headers:
X-Auth-Token: skdjfh98732hjf22exampletoken
More examples can be found here and the list of configuration options - here.
When you made the blackbox exporter to load the new configuration, you need to adjust Prometheus configuration as well:
scrape_configs:
- job_name: 'blackbox'
metrics_path: /probe
params:
module: [http_2xx_with_header] # <- Here goes the name of the new module
static_configs:
- targets:
- http://prometheus.io
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9115
Prometheus doesn't support specifying custom HTTP headers, which must be sent with each scrape request to scrape target :( However, it supports specifying Authorization header via authorization and basic_auth options at scrape_config section.
For example, the following config instructs Prometheus to send Authorization: My-Auth my-super-secret header with each scrape request to http://localhost:8428/metrics:
scrape_configs:
- job_name: foo
authorization:
type: "My-Auth"
credentials: "my-super-secret"
static_configs:
- targets: ["localhost:8428"]
P.S. If you still need sending custom http headers with each request to remote target, then take a look at vmagent - monitoring agent, which understands Prometheus scrape configs and can scrape Prometheus targets. This is a project I work on. It provides additional features on top of standard scrape_configs from Prometheus, including headers option - see these docs. The headers option allows specifying arbitrary number of additional http headers, which need to be sent to scrape target. For example, the following config instructs sending x-auth-token: <customrandomtoken> http header with each request to http://foobar:1234:
scrape_configs:
- job_name: foo
headers:
- "x-auth-token: <customrandomtoken>"
static_configs:
- targets: ["foobar:1234"]
Related
I'm aware of the fact that the regex middleware can be used as a docker-compose label and be externally configured in a for example treafik dynamic file
What I want to achieve is the same behavior on a global scale, which means all request coming into traffic on example.de should be redirected to example.com.
example.de/start -> example.com/start
Is there a way I can achieve this redirection behavior without specifying the middleware in every single docker-compose file ?
docker-compose.yml
- traefik.http.routers.test.middlewares=test-de-redirect#file
traefik_dynamic.yml
http:
middlewares:
test-de-redirect:
redirectRegex:
regex: "https://(.*)?example.de(.*)"
replacement: "https://${1}example.com${2}"
RedirectRegex
TLDR
I cant figure out how to format my post request for my AWS Lambda API created with serverless
Current Implementation
I have a Lambda function created using the serverless framework. I have two functions; a function which prints out all modules and their version, and another that does a prediction on data sent via a post request. It handles dependency storage by mounting an EFS volume, here's the serverless.yml
service: test3Predict
plugins:
- serverless-pseudo-parameters
custom:
efsAccessPoint: fsap-**********
LocalMountPath: /mnt/efs
subnetsId: subnet-**********
securityGroup: sg-**********
provider:
name: aws
runtime: python3.6
region: us-east-2
timeout: 20
package:
exclude:
- node_modules/**
- .vscode/**
- .serverless/**
- .pytest_cache/**
- __pychache__/**
functions:
ohPredict:
handler: handler.lambda_handler_OH
environment: # Service wide environment variables
MNT_DIR: ${self:custom.LocalMountPath}
vpc:
securityGroupIds:
- ${self:custom.securityGroup}
subnetIds:
- ${self:custom.subnetsId}
iamManagedPolicies:
- arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess
events:
- http:
path: ohPredict
method: get
fileSystemConfig:
localMountPath: '${self:custom.LocalMountPath}'
arn: 'arn:aws:elasticfilesystem:${self:provider.region}:#{AWS::AccountId}:access-point/${self:custom.efsAccessPoint}'
test:
handler: handler.test
environment: # Service wide environment variables
MNT_DIR: ${self:custom.LocalMountPath}
vpc:
securityGroupIds:
- ${self:custom.securityGroup}
subnetIds:
- ${self:custom.subnetsId}
iamManagedPolicies:
- arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess
events:
- http:
path: test
method: get
fileSystemConfig:
localMountPath: '${self:custom.LocalMountPath}'
arn: 'arn:aws:elasticfilesystem:${self:provider.region}:#{AWS::AccountId}:access-point/${self:custom.efsAccessPoint}'
It seems like the test is working; If I run sls deploy and enter the URL for my test function in a browser, I get the expected output.
Problem
The ohPredict function is not working as well. When I send it a post request with the requests python module,
url = 'https://****.execute-api.****.amazonaws.com/dev/ohPredict'
myobj = {"data": data}
x = requests.post(url, json=myobj)
res = eval(x.text)
print(res)
I get the following error:
{'message': 'Missing Authentication Token'}
I ran a test with a simple lambda function and a post request without using serverless, and that was all the code I needed. I figured I would try experimenting and supplying a few values, and I ended up with this:
url = 'https://****.execute-api.****.amazonaws.com/dev/ohPredict'
myobj = {"data": data}
x = requests.post(url, headers={'Authorization': 'FOO'}, json=myobj)
res = eval(x.text)
print(res)
which resulted in:
{'message': "Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization header requires existence of either a 'X-Amz-Date' or a 'Date' header. Authorization=FOO"}
I tried playing around with supplying other values, and didn't get any change in the output. How can I get my post request to be recieved by my function?
As mentioned by yvesonline, the problem was the method. This was fixed by simply replacing method: get to method: post
I am facing fellow two problems related to Swagger open API
I am not able to pass custom header through swagger open API while calling my API, please suggest how can we pass custom header, through swagger open API.
When I added POI dependency on my project's pom.xml, it stopped working through swagger open API, however, it is working with the postman, please suggest what could be the issue.
From Describing Parameters:
An API call may require that custom headers be sent with an HTTP request. OpenAPI lets you define custom request headers as in: header parameters. For example, suppose, a call to GET /ping requires the X-Request-ID header:
GET /ping HTTP/1.1
Host: example.com
X-Request-ID: 77e1c83b-7bb0-437b-bc50-a7a58e5660ac
Using OpenAPI 3.0, you would define this operation as follows:
paths:
/ping:
get:
summary: Checks if the server is alive
parameters:
- in: header
name: X-Request-ID
schema:
type: string
format: uuid
required: true
I'm trying to use envoy ratelimiting functionality and need to ratelimit based on the entire url in my request, e.g. https://myenvoy.com/path/to/smth
Here is a part of my envoy.yaml
routes:
- match: { prefix: "/" }
route:
cluster: backend
rate_limits:
- stage: 0
actions:
- {request_headers: {header_name: ":path", descriptor_key: "path"}}
When I run
curl -k https://myenvoy.com/path/to/smth
The above configuration creates descriptor value /path/to/smth whereas I would like to have descriptor of value https://myenvoy.com/path/to/smth
Is it possible to configure that with envoy?
Thank you
PS: I looked at these header values and tried to use some, but it didn't help
https://github.com/envoyproxy/envoy/blob/master/source/common/http/headers.h
From further investigation,
- {request_headers: {header_name: "host", descriptor_key: "host"}}
does the job
I have an URL like this:
/id/{idnumber}/status
In this URL, /id/{idnumber} is the API base path, and /status is the resource.
I know that OpenAPI (Swagger) allows parameters in paths, like so:
paths:
/id/{number}/status:
but this is not what I need, because /id/{idnumber} is the base path and not part of the resoruce path.
Is there any way to have a parameter in the base path?
host: my.api.com
basePath: /id/{idnumber} # <---
paths:
/status:
Parameterized base paths are supported in OpenAPI 3.x, using server variables:
openapi: 3.0.0
...
servers:
- url: https://my.api.com/id/{number}
variables:
number:
default: '-1'
Note that server variables MUST have a default value - it will be used if the client does not supply a value.
For details, see:
Server Object and Server Variable Object sections of the the OpenAPI 3.0 Specification
API Server and Base URL on swagger.io
I don't think basePath allows variables.
For your case, you don't need to use basePath. You can simply put /id/{idnumber} in the URL path. For example:
"/pet/{petId}": {