使用 nginx 重定向 prometheus 调用时出错
Posted
技术标签:
【中文标题】使用 nginx 重定向 prometheus 调用时出错【英文标题】:Error redirecting prometheus call with nginx 【发布时间】:2021-02-12 12:21:47 【问题描述】:为什么我在验证呼叫 http://<ip-external>:80 后收到 404 错误?
我想在调用的时候,他用用户名和密码认证,在prometheus的页面后返回
docker.compose.yml
version: '3.1'
services:
prometheus:
image: prom/prometheus
container_name: meta_prometheus
user: '0'
volumes:
- /etc/prometheus:/etc/prometheus
- /prometheus/data:/prometheus/data
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus/data'
ports:
- 9090:9090
network_mode: host
nginx.conf
pid /etc/nginx/logs/nginx.pid;
http
server
listen 0.0.0.0:80;
location /
proxy_pass http://localhost:9090/;
auth_basic "Prometheus";
auth_basic_user_file ".htpasswd";
events
返回
参考:https://www.robustperception.io/adding-basic-auth-to-prometheus-with-nginx
Nginx 版本:1.9
操作系统:红帽企业 Linux 7.9
【问题讨论】:
能否尝试将“listen 0.0.0.0:80”替换为“listen 80”,重启nginx再试一次? 我更新了,还是一样的问题,是不是和外部防火墙规则有关系? 80端口连接,3000是localhost 【参考方案1】:由于我花了很多时间来了解如何做所有事情,以下是使用身份验证和 HTTPS 安装 prometheus 的完整过程
Docker 编写:
version: '3.1'
services:
prometheus:
image: prom/prometheus
container_name: prometheus
user: '0'
volumes:
- /etc/prometheus:/etc/prometheus
- /prometheus/data:/prometheus/data
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus/data'
ports:
- 9090:9090
network_mode: host
Docker 命令:
docker-compose up -d
用户
htpasswd /docker/htpasswd/prometheus username-here
Nginx
2. yum install mod_ssl
3. yum install openssl
4. openssl genrsa -out ca.key 2048
5. openssl req -new -key ca.key -out ca.csr
6. openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
7. cp ca.crt /etc/pki/tls/certs
9. cp ca.key /etc/pki/tls/private/
10. cp ca.csr /etc/pki/tls/private
11. yum install gcc-c++ pcre-dev pcre-devel zlib-devel
12. cd /tmp/;wget http://nginx.org/download/nginx-1.9.9.tar.gz
13. tar zxf nginx-1.9.9.tar.gz
14. cd /tmp/;wget https://www.openssl.org/source/openssl-1.0.1t.tar.gz
15. tar zxf openssl-1.0.1t.tar.gz
16. mv /tmp/openssl-1.0.1t/ /etc/openssl-1.0
17. useradd --no-create-home --shell /bin/false nginx
18. cd nginx-1.9.9
Execute the command below
./configure --conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--user=nginx \
--group=nginx \
--with-openssl=/etc/openssl-1.0 \
--with-http_ssl_module \
--pid-path=/run/nginx.pid
19. make -j2
20. make install
21. vim /etc/systemd/system/nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
22. vim /etc/nginx/nginx.conf
pid /run/nginx.pid;
http
server
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/pki/tls/certs/ca.crt;
ssl_certificate_key /etc/pki/tls/private/ca.key;
ssl_session_timeout 5m;
location /
resolver 127.0.0.1 valid=30s;
proxy_pass http://localhost:9090/;
auth_basic "Protected by sidecar proxy!";
auth_basic_user_file /docker/htpasswd/prometheus;
events
23. systemctl daemon-reload
24. systemctl enable nginx
25. systemctl start nginx
26. systemctl status nginx
【讨论】:
以上是关于使用 nginx 重定向 prometheus 调用时出错的主要内容,如果未能解决你的问题,请参考以下文章