github.com/hernad/nomad@v1.6.112/e2e/metrics/input/prometheus.nomad (about) 1 # Copyright (c) HashiCorp, Inc. 2 # SPDX-License-Identifier: MPL-2.0 3 4 job "prometheus" { 5 datacenters = ["dc1", "dc2"] 6 type = "service" 7 8 constraint { 9 attribute = "${attr.kernel.name}" 10 value = "linux" 11 } 12 13 group "monitoring" { 14 count = 1 15 16 restart { 17 attempts = 2 18 interval = "30m" 19 delay = "15s" 20 mode = "fail" 21 } 22 23 ephemeral_disk { 24 size = 300 25 } 26 27 network { 28 port "prometheus_ui" { 29 to = 9090 30 } 31 } 32 33 task "prometheus" { 34 template { 35 change_mode = "noop" 36 destination = "local/prometheus.yml" 37 38 data = <<EOH 39 --- 40 global: 41 scrape_interval: 5s 42 evaluation_interval: 5s 43 44 scrape_configs: 45 46 - job_name: 'nomad_metrics' 47 48 consul_sd_configs: 49 - server: '{{ env "NOMAD_IP_prometheus_ui" }}:8500' 50 51 relabel_configs: 52 - source_labels: ['__meta_consul_tags'] 53 regex: '(.*)http(.*)' 54 action: keep 55 56 scheme: https 57 tls_config: 58 ca_file: '/etc/nomad.d/tls/ca.crt' 59 cert_file: '/etc/nomad.d/tls/agent.crt' 60 key_file: '/etc/nomad.d/tls/agent.key' 61 62 scrape_interval: 5s 63 metrics_path: /v1/metrics 64 params: 65 format: ['prometheus'] 66 EOH 67 68 } 69 70 driver = "docker" 71 72 config { 73 image = "prom/prometheus:latest" 74 75 volumes = [ 76 "local/prometheus.yml:/etc/prometheus/prometheus.yml", 77 ] 78 79 # TODO: https://github.com/hernad/nomad/issues/11484 80 # This is very much not how we should do this, because it 81 # exposes the client's mTLS cert to the task and lets the 82 # prometheus masquerade as the client. 83 mount { 84 type = "bind" 85 target = "/etc/nomad.d/tls" 86 source = "/etc/nomad.d/tls" 87 readonly = true 88 } 89 90 ports = ["prometheus_ui"] 91 } 92 93 service { 94 name = "prometheus" 95 tags = ["urlprefix-/"] 96 port = "prometheus_ui" 97 98 check { 99 name = "prometheus_ui port alive" 100 type = "http" 101 path = "/-/healthy" 102 interval = "10s" 103 timeout = "2s" 104 } 105 } 106 } 107 } 108 }