---
title: "discovery.triton | Grafana Alloy documentation"
description: "Learn about discovery.triton"
---

# `discovery.triton`

`discovery.triton` discovers [Triton](https://www.tritondatacenter.com) Container Monitors and exposes them as targets.

## Usage

Alloy ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy

```alloy
discovery.triton "<LABEL>" {
    account    = "<ACCOUNT>"
    dns_suffix = "<DNS_SUFFIX>"
    endpoint   = "<ENDPOINT>"
}
```

## Arguments

You can use the following arguments with `discovery.triton`:

Expand table

| Name               | Type           | Description                                         | Default       | Required |
|--------------------|----------------|-----------------------------------------------------|---------------|----------|
| `account`          | `string`       | The account to use for discovering new targets.     |               | yes      |
| `dns_suffix`       | `string`       | The DNS suffix that’s applied to the target.        |               | yes      |
| `endpoint`         | `string`       | The Triton discovery endpoint.                      |               | yes      |
| `groups`           | `list(string)` | A list of groups to retrieve targets from.          |               | no       |
| `port`             | `int`          | The port to use for discovery and metrics scraping. | `9163`        | no       |
| `refresh_interval` | `duration`     | The refresh interval for the list of targets.       | `"60s"`       | no       |
| `role`             | `string`       | The type of targets to discover.                    | `"container"` | no       |
| `version`          | `int`          | The Triton discovery API version.                   | `1`           | no       |

`groups` is only supported when `role` is set to `"container"`. If you omit `groups`, all containers owned by the requesting account are scraped.

`role` can be set to:

- `"container"` to discover virtual machines (SmartOS zones, lx/KVM/bhyve branded zones) running on Triton.
- `"cn"` to discover compute nodes (servers/global zones) making up the Triton infrastructure.

## Blocks

You can use the following block with `discovery.triton`:

No valid configuration blocks found.

### `tls_config`

The `tls_config` block configures TLS settings for requests to the Triton API.

Expand table

| Name                   | Type     | Description                                              | Default | Required |
|------------------------|----------|----------------------------------------------------------|---------|----------|
| `ca_pem`               | `string` | CA PEM-encoded text to validate the server with.         |         | no       |
| `ca_file`              | `string` | CA certificate to validate the server with.              |         | no       |
| `cert_pem`             | `string` | Certificate PEM-encoded text for client authentication.  |         | no       |
| `cert_file`            | `string` | Certificate file for client authentication.              |         | no       |
| `insecure_skip_verify` | `bool`   | Disables validation of the server certificate.           |         | no       |
| `key_file`             | `string` | Key file for client authentication.                      |         | no       |
| `key_pem`              | `secret` | Key PEM-encoded text for client authentication.          |         | no       |
| `min_version`          | `string` | Minimum acceptable TLS version.                          |         | no       |
| `server_name`          | `string` | ServerName extension to indicate the name of the server. |         | no       |

The following pairs of arguments are mutually exclusive and can’t both be set simultaneously:

- `ca_pem` and `ca_file`
- `cert_pem` and `cert_file`
- `key_pem` and `key_file`

When configuring client authentication, both the client certificate (using `cert_pem` or `cert_file`) and the client key (using `key_pem` or `key_file`) must be provided.

When `min_version` isn’t provided, the minimum acceptable TLS version is inherited from Go’s default minimum version, TLS 1.2. If `min_version` is provided, it must be set to one of the following strings:

- `"TLS10"` (TLS 1.0)
- `"TLS11"` (TLS 1.1)
- `"TLS12"` (TLS 1.2)
- `"TLS13"` (TLS 1.3)

## Exported fields

The following fields are exported and can be referenced by other components:

Expand table

| Name      | Type                | Description                                        |
|-----------|---------------------|----------------------------------------------------|
| `targets` | `list(map(string))` | The set of targets discovered from the Triton API. |

When `role` is set to `"container"`, each target includes the following labels:

- `__meta_triton_groups`: The list of groups belonging to the target joined by a comma separator.
- `__meta_triton_machine_alias`: The alias of the target container.
- `__meta_triton_machine_brand`: The brand of the target container.
- `__meta_triton_machine_id`: The UUID of the target container.
- `__meta_triton_machine_image`: The target container’s image type.
- `__meta_triton_server_id`: The server UUID the target container is running on.

When `role` is set to `"cn"` each target includes the following labels:

- `__meta_triton_machine_alias`: The hostname of the target. Requires triton-cmon 1.7.0 or newer.
- `__meta_triton_machine_id`: The UUID of the target.

## Component health

`discovery.triton` is only reported as unhealthy when given an invalid configuration. In those cases, exported fields retain their last healthy values.

## Debug information

`discovery.triton` doesn’t expose any component-specific debug information.

## Debug metrics

`discovery.triton` doesn’t expose any component-specific debug metrics.

## Example

Alloy ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy

```alloy
discovery.triton "example" {
    account    = "<TRITON_ACCOUNT>"
    dns_suffix = "<TRITON_DNS_SUFFIX>"
    endpoint   = "<TRITON_ENDPOINT>"
}

prometheus.scrape "demo" {
    targets    = discovery.triton.example.targets
    forward_to = [prometheus.remote_write.demo.receiver]
}

prometheus.remote_write "demo" {
    endpoint {
        url = "<PROMETHEUS_REMOTE_WRITE_URL>"

        basic_auth {
            username = "<USERNAME>"
            password = "<PASSWORD>"
        }
    }
}
```

Replace the following:

- *`<TRITON_ACCOUNT>`* : Your Triton account.
- *`<TRITON_DNS_SUFFIX>`* : Your Triton DNS suffix.
- *`<TRITON_ENDPOINT>`* : Your Triton endpoint.
- *`<PROMETHEUS_REMOTE_WRITE_URL>`* : The URL of the Prometheus remote\_write-compatible server to send metrics to.
- *`<USERNAME>`* : The username to use for authentication to the `remote_write` API.
- *`<PASSWORD>`* : The password to use for authentication to the `remote_write` API.

## Compatible components

`discovery.triton` has exports that can be consumed by the following components:

- Components that consume [Targets](../../../compatibility/#targets-consumers)

> Note
> 
> Connecting some components may not be sensible or components may require further configuration to make the connection work correctly. Refer to the linked documentation for more details.