Caution
Grafana Alloy is the new name for our distribution of the OTel collector. Grafana Agent has been deprecated and is in Long-Term Support (LTS) through October 31, 2025. Grafana Agent will reach an End-of-Life (EOL) on November 1, 2025. Read more about why we recommend migrating to Grafana Alloy.
This is documentation for the next version of Agent. For the latest stable release, go to the latest version.
discovery.triton
discovery.triton discovers Triton Container Monitors and exposes them as targets.
Usage
discovery.triton "LABEL" {
account = ACCOUNT
dns_suffix = DNS_SUFFIX
endpoint = ENDPOINT
}Arguments
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
account | string | The account to use for discovering new targets. | yes | |
role | string | The type of targets to discover. | "container" | no |
dns_suffix | string | The DNS suffix that is applied to the target. | yes | |
endpoint | string | The Triton discovery endpoint. | yes | |
groups | list(string) | A list of groups to retrieve targets from. | no | |
port | int | The port to use for discovery and metrics scraping. | 9163 | no |
refresh_interval | duration | The refresh interval for the list of targets. | 60s | no |
version | int | The Triton discovery API version. | 1 | no |
role can be set to:
"container"to discover virtual machines (SmartOS zones, lx/KVM/bhyve branded zones) running on Triton"cn"to discover compute nodes (servers/global zones) making up the Triton infrastructure
groups is only supported when role is set to "container". If omitted all
containers owned by the requesting account are scraped.
Blocks
The following blocks are supported inside the definition of
discovery.triton:
| Hierarchy | Block | Description | Required |
|---|---|---|---|
| tls_config | tls_config | TLS configuration for requests to the Triton API. | no |
tls_config block
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
ca_pem | string | CA PEM-encoded text to validate the server with. | no | |
ca_file | string | CA certificate to validate the server with. | no | |
cert_pem | string | Certificate PEM-encoded text for client authentication. | no | |
cert_file | string | Certificate file for client authentication. | no | |
insecure_skip_verify | bool | Disables validation of the server certificate. | no | |
key_file | string | Key file for client authentication. | no | |
key_pem | secret | Key PEM-encoded text for client authentication. | no | |
min_version | string | Minimum acceptable TLS version. | no | |
server_name | string | ServerName extension to indicate the name of the server. | no |
The following pairs of arguments are mutually exclusive and can’t both be set simultaneously:
ca_pemandca_filecert_pemandcert_filekey_pemandkey_file
When configuring client authentication, both the client certificate (using
cert_pem or cert_file) and the client key (using key_pem or key_file)
must be provided.
When min_version is not provided, the minimum acceptable TLS version is
inherited from Go’s default minimum version, TLS 1.2. If min_version is
provided, it must be set to one of the following strings:
"TLS10"(TLS 1.0)"TLS11"(TLS 1.1)"TLS12"(TLS 1.2)"TLS13"(TLS 1.3)
Exported fields
The following fields are exported and can be referenced by other components:
| Name | Type | Description |
|---|---|---|
targets | list(map(string)) | The set of targets discovered from the Triton API. |
When role is set to "container", each target includes the following labels:
__meta_triton_groups: The list of groups belonging to the target joined by a comma separator.__meta_triton_machine_alias: The alias of the target container.__meta_triton_machine_brand: The brand of the target container.__meta_triton_machine_id: The UUID of the target container.__meta_triton_machine_image: The target container’s image type.__meta_triton_server_id: The server UUID the target container is running on.
When role is set to "cn" each target includes the following labels:
__meta_triton_machine_alias: The hostname of the target (requires triton-cmon 1.7.0 or newer).__meta_triton_machine_id: The UUID of the target.
Component health
discovery.triton is only reported as unhealthy when given an invalid
configuration. In those cases, exported fields retain their last healthy
values.
Debug information
discovery.triton does not expose any component-specific debug information.
Debug metrics
discovery.triton does not expose any component-specific debug metrics.
Example
discovery.triton "example" {
account = TRITON_ACCOUNT
dns_suffix = TRITON_DNS_SUFFIX
endpoint = TRITON_ENDPOINT
}
prometheus.scrape "demo" {
targets = discovery.triton.example.targets
forward_to = [prometheus.remote_write.demo.receiver]
}
prometheus.remote_write "demo" {
endpoint {
url = PROMETHEUS_REMOTE_WRITE_URL
basic_auth {
username = USERNAME
password = PASSWORD
}
}
}Replace the following:
TRITON_ACCOUNT: Your Triton account.TRITON_DNS_SUFFIX: Your Triton DNS suffix.TRITON_ENDPOINT: Your Triton endpoint.PROMETHEUS_REMOTE_WRITE_URL: The URL of the Prometheus remote_write-compatible server to send metrics to.USERNAME: The username to use for authentication to the remote_write API.PASSWORD: The password to use for authentication to the remote_write API.
Compatible components
discovery.triton has exports that can be consumed by the following components:
- Components that consume Targets
Note
Connecting some components may not be sensible or components may require further configuration to make the connection work correctly. Refer to the linked documentation for more details.
Was this page helpful?
Related resources from Grafana Labs
