Skip to content

Add multi-target support #1063

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Add multi-target support #1063

wants to merge 15 commits into from

Conversation

pincher95
Copy link

PR: Add multi-target /probe endpoint + auth-modules (fixes #1062)

This PR implements the feature described in issue #1062 (“multi-target scraping”).

───────────────────────────────
What’s new
───────────────────────────────

  1. /probe endpoint
    Accepts ?target= and (optionally) auth_module=.
    For each request the exporter spins up a throw-away Prometheus registry, registers the usual collectors with the supplied ES URL, gathers, and streams metrics.

  2. Auth-module support (--config.file=)
    Simple YAML schema modelled after postgres_exporter & mysqld_exporter.

    auth_modules:
  prod_basic:
    type: userpass
    userpass:
      username: metrics
      password: s3cr3t

  staging_key:
    type: apikey
    apikey: BASE64IDKEY==

  # options: <k:v> are appended as DSN query parameters when present

  3. Alias on /metrics
    Requests that already contain target= are internally forwarded to the probe handler, so users may keep path: /metrics in ServiceMonitors if they wish.

  4. Per-module API key support
    type: apikey injects the Authorization: ApiKey … header for that probe only.

  5. Docs & examples

    • README: updated multi-target section with full table of supported auth types.
    • examples/auth_modules.yml shows userpass, apikey.

  6. Unit tests

    • config loader round-trip.
    • Validation edge cases for validateProbeParams.

───────────────────────────────
Compatibility
───────────────────────────────

  • Single-target usage unchanged/metrics without target= still returns the startup cluster.
  • All existing CLI flags (TLS, indices, AWS signing, …) still apply.
  • No exported metrics renamed.

───────────────────────────────
Prometheus sample config
───────────────────────────────

- job_name: es-multi
  metrics_path: /probe
  params:
    auth_module: [prod_basic]
  static_configs:
    - targets:
        - https://es-prod:9200
    - targets:
        - https://es-staging:9200
      labels:
        __param_auth_module: staging_key
  relabel_configs:
    - source_labels: [__address__]
      target_label: __param_target
    - source_labels: [__param_target]
      target_label: instance
    - target_label: __address__
      replacement: exporter:9114

───────────────────────────────
Commit outline
───────────────────────────────

  1. refactor: probe handler, alias logic
  2. feat: YAML auth-module loader (userpass, apikey)
  3. docs: README + example file
  4. tests: config loader & validation
  5. CHANGELOG entry

Feedback / suggestions welcome!

@pincher95 pincher95 force-pushed the add-multi-target-support branch 2 times, most recently from 0f39926 to 94732c6 Compare July 27, 2025 14:13
pincher95 added 5 commits July 28, 2025 14:08
@pincher95
Add multi-target support
b943477 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Update example-prometheus.yml
f07a507 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Make es.uri optional by setting default to empty string check if it…
9419d4a 
…'s empty and if so, don't parse it

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Update README.md
1760344 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Add sanity target scheme validation
8bafbac 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95 pincher95 force-pushed the add-multi-target-support branch from b3486c1 to 8bafbac Compare July 28, 2025 18:08
sysadmind
sysadmind requested changes Jul 30, 2025
View reviewed changes
Copy link
Contributor

@sysadmind sysadmind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need to spend more time with the code to provide all of my feedback, but want to provide what I have ready while I gave it the first pass.

pincher95 added 4 commits July 30, 2025 07:20
@pincher95
Change yaml package to go.yaml.in/yaml/v3
427393e 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Update yaml package to go.yaml.in/yaml/v3
fbff1ef 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Update CHANGELOG.md
abff638 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Remove whitespaces from README.md
e5e6dfc 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95 pincher95 requested a review from sysadmind July 31, 2025 21:17
sysadmind
sysadmind requested changes Aug 1, 2025
View reviewed changes
Copy link
Contributor

@sysadmind sysadmind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the guts of this are really solid. It did take me some time to give a proper review so once the changes are pushed up, I will need to allocate some time to re-review. Thanks for submitting this, I think it will be a good improvement.

@pincher95
Add testing for apikey authentication module
786887a 
Update examples/auth_modules.yml
Fix main.go to apply userpass credentials only if the module type is explicitly set to userpass.

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Add Load-time validation for the auth module config file during startup
b460425 
Keep light-weight validation for the probe params during runtime
Add AWS SigV4 authentication module support

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Expose error in the logger
75c65df 
Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Add TLS config per target support
39f664c 
Add TLS config validation
Update config test to include TLS config

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Indices and Shards collectors now fetch cluster_name once from GET / …
4b2dd61 
…when no clusterinfo retriever is attached, avoiding the previous "unknown_cluster" label.

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95
Removed the special-case logic that redirected /metrics?target= reque…
631f5cb 
…sts to /probe.

Updated auth_modules.yml to include AWS SigV4 signing and mTLS support.

Signed-off-by: pincher95 <yuri.tsuprun@logz.io>
@pincher95 pincher95 requested a review from sysadmind August 3, 2025 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sysadmind sysadmind Awaiting requested review from sysadmind

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add multi-target support
2 participants
@pincher95 @sysadmind