Menu

Caution

Grafana Alloy is the new name for our distribution of the OTel collector. Grafana Agent has been deprecated and is in Long-Term Support (LTS) through October 31, 2025. Grafana Agent will reach an End-of-Life (EOL) on November 1, 2025. Read more about why we recommend migrating to Grafana Alloy.

Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Open source

discovery.digitalocean

discovery.digitalocean discovers DigitalOcean Droplets and exposes them as targets.

Usage

river
discovery.digitalocean "LABEL" {
    // Use one of:
    // bearer_token      = BEARER_TOKEN
    // bearer_token_file = PATH_TO_BEARER_TOKEN_FILE
}

Arguments

The following arguments are supported:

NameTypeDescriptionDefaultRequired
portnumberPort to be appended to the __address__ label for each Droplet.80no
refresh_intervaldurationFrequency to refresh list of Droplets."1m"no
bearer_tokensecretBearer token to authenticate with.no
bearer_token_filestringFile containing a bearer token to authenticate with.no
proxy_urlstringHTTP proxy to proxy requests through.no
follow_redirectsboolWhether redirects returned by the server should be followed.trueno
enable_http2boolWhether HTTP2 is supported for requests.trueno

The DigitalOcean API uses bearer tokens for authentication, see more about it in the DigitalOcean API documentation.

Exactly one of the bearer_token and bearer_token_file arguments must be specified to authenticate against DigitalOcean.

Blocks

The discovery.digitalocean component does not support any blocks, and is configured fully through arguments.

Exported fields

The following fields are exported and can be referenced by other components:

NameTypeDescription
targetslist(map(string))The set of targets discovered from the DigitalOcean API.

Each target includes the following labels:

  • __meta_digitalocean_droplet_id: ID of the Droplet.
  • __meta_digitalocean_droplet_name: Name of the Droplet.
  • __meta_digitalocean_image: The image slug (unique text identifier of the image) used to create the Droplet.
  • __meta_digitalocean_image_name: Name of the image used to create the Droplet.
  • __meta_digitalocean_private_ipv4: The private IPv4 address of the Droplet.
  • __meta_digitalocean_public_ipv4: The public IPv4 address of the Droplet.
  • __meta_digitalocean_public_ipv6: The public IPv6 address of the Droplet.
  • __meta_digitalocean_region: The region the Droplet is running in.
  • __meta_digitalocean_size: The size of the Droplet.
  • __meta_digitalocean_status: The current status of the Droplet.
  • __meta_digitalocean_features: Optional properties configured for the Droplet, such as IPV6 networking, private networking, or backups.
  • __meta_digitalocean_tags: The tags assigned to the Droplet.
  • __meta_digitalocean_vpc: The ID of the VPC where the Droplet is located.

Each discovered Droplet maps to one target.

Component health

discovery.digitalocean is only reported as unhealthy when given an invalid configuration. In those cases, exported fields retain their last healthy values.

Debug information

discovery.digitalocean does not expose any component-specific debug information.

Debug metrics

discovery.digitalocean does not expose any component-specific debug metrics.

Example

This would result in targets with __address__ labels like: 192.0.2.1:8080:

river
discovery.digitalocean "example" {
  port             = 8080
  refresh_interval = "5m"
  bearer_token     = "my-secret-bearer-token"
}

prometheus.scrape "demo" {
  targets    = discovery.digitalocean.example.targets
  forward_to = [prometheus.remote_write.demo.receiver]
}

prometheus.remote_write "demo" {
  endpoint {
    url = PROMETHEUS_REMOTE_WRITE_URL

    basic_auth {
      username = USERNAME
      password = PASSWORD
    }
  }
}

Replace the following:

  • PROMETHEUS_REMOTE_WRITE_URL: The URL of the Prometheus remote_write-compatible server to send metrics to.
  • USERNAME: The username to use for authentication to the remote_write API.
  • PASSWORD: The password to use for authentication to the remote_write API.