discovery.triton
discovery.triton
discovers Triton Container Monitors and exposes them as targets.
Usage
discovery.triton "LABEL" {
account = ACCOUNT
dns_suffix = DNS_SUFFIX
endpoint = ENDPOINT
}
Arguments
The following arguments are supported:
Name | Type | Description | Default | Required |
---|---|---|---|---|
account | string | The account to use for discovering new targets. | yes | |
role | string | The type of targets to discover. | "container" | no |
dns_suffix | string | The DNS suffix that is applied to the target. | yes | |
endpoint | string | The Triton discovery endpoint. | yes | |
groups | list(string) | A list of groups to retrieve targets from. | no | |
port | int | The port to use for discovery and metrics scraping. | 9163 | no |
refresh_interval | duration | The refresh interval for the list of targets. | 60s | no |
version | int | The Triton discovery API version. | 1 | no |
role
can be set to:
"container"
to discover virtual machines (SmartOS zones, lx/KVM/bhyve branded zones) running on Triton"cn"
to discover compute nodes (servers/global zones) making up the Triton infrastructure
groups
is only supported when role
is set to "container"
.
If omitted all containers owned by the requesting account are scraped.
Blocks
The following blocks are supported inside the definition of
discovery.triton
:
Hierarchy | Block | Description | Required |
---|---|---|---|
tls_config | tls_config | TLS configuration for requests to the Triton API. | no |
tls_config block
Name | Type | Description | Default | Required |
---|---|---|---|---|
ca_pem | string | CA PEM-encoded text to validate the server with. | no | |
ca_file | string | CA certificate to validate the server with. | no | |
cert_pem | string | Certificate PEM-encoded text for client authentication. | no | |
cert_file | string | Certificate file for client authentication. | no | |
insecure_skip_verify | bool | Disables validation of the server certificate. | no | |
key_file | string | Key file for client authentication. | no | |
key_pem | secret | Key PEM-encoded text for client authentication. | no | |
min_version | string | Minimum acceptable TLS version. | no | |
server_name | string | ServerName extension to indicate the name of the server. | no |
The following pairs of arguments are mutually exclusive and can’t both be set simultaneously:
ca_pem
andca_file
cert_pem
andcert_file
key_pem
andkey_file
When configuring client authentication, both the client certificate (using
cert_pem
or cert_file
) and the client key (using key_pem
or key_file
)
must be provided.
When min_version
is not provided, the minimum acceptable TLS version is
inherited from Go’s default minimum version, TLS 1.2. If min_version
is
provided, it must be set to one of the following strings:
"TLS10"
(TLS 1.0)"TLS11"
(TLS 1.1)"TLS12"
(TLS 1.2)"TLS13"
(TLS 1.3)
Exported fields
The following fields are exported and can be referenced by other components:
Name | Type | Description |
---|---|---|
targets | list(map(string)) | The set of targets discovered from the Triton API. |
When role
is set to "container"
, each target includes the following labels:
__meta_triton_groups
: The list of groups belonging to the target joined by a comma separator.__meta_triton_machine_alias
: The alias of the target container.__meta_triton_machine_brand
: The brand of the target container.__meta_triton_machine_id
: The UUID of the target container.__meta_triton_machine_image
: The target container’s image type.__meta_triton_server_id
: The server UUID the target container is running on.
When role
is set to "cn"
each target includes the following labels:
__meta_triton_machine_alias
: The hostname of the target (requires triton-cmon 1.7.0 or newer).__meta_triton_machine_id
: The UUID of the target.
Component health
discovery.triton
is only reported as unhealthy when given an invalid configuration.
In those cases, exported fields retain their last healthy values.
Debug information
discovery.triton
does not expose any component-specific debug information.
Debug metrics
discovery.triton
does not expose any component-specific debug metrics.
Example
discovery.triton "example" {
account = TRITON_ACCOUNT
dns_suffix = TRITON_DNS_SUFFIX
endpoint = TRITON_ENDPOINT
}
prometheus.scrape "demo" {
targets = discovery.triton.example.targets
forward_to = [prometheus.remote_write.demo.receiver]
}
prometheus.remote_write "demo" {
endpoint {
url = PROMETHEUS_REMOTE_WRITE_URL
basic_auth {
username = USERNAME
password = PASSWORD
}
}
}
Replace the following:
TRITON_ACCOUNT
: Your Triton account.TRITON_DNS_SUFFIX
: Your Triton DNS suffix.TRITON_ENDPOINT
: Your Triton endpoint.PROMETHEUS_REMOTE_WRITE_URL
: The URL of the Prometheus remote_write-compatible server to send metrics to.USERNAME
: The username to use for authentication to the remote_write API.PASSWORD
: The password to use for authentication to the remote_write API.
Compatible components
discovery.triton
has exports that can be consumed by the following components:
- Components that consume Targets
Note
Connecting some components may not be sensible or components may require further configuration to make the connection work correctly. Refer to the linked documentation for more details.