Prometheus exporter plugin for Discourse

Official Prometheus Exporter for Discourse

Repo: https://github.com/discourse/discourse-prometheus

The Discourse Prometheus plugin collects key metrics from Discourse and exposes them in the /metrics path so prometheus can consume them.

These metrics can be used to Graph all sorts of data like:

Median and 99th percentile times for topic / categories / top and latest pages. Breaking down execution time between SQL/Redis and App.

Page view tracking

Error tracking

Ruby object space tracking including allocation rate, heaps and so on.

Hosted V8 memory statistics

Scheduled Job Queue and Sidekiq job durations and executions.

To see a full list of metrics available, install the plugin and visit SITENAME/metrics as an admin.

Out of the box we allow the metrics route to admins and private ips.


Discourse Prometheus is smart enough to aggregate data for all forked unicorn processes and present it as cohesive metrics on a single endpoint. We use it internally to keep track of our sites.

Sample dashboard at: https://grafana.com/dashboards/3539


Discourse global setting called prometheus_trusted_ip_allowlist_regex (env: DISCOURSE_PROMETHEUS_TRUSTED_IP_ALLOWLIST_REGEX) is allowing to set Prometheus’s trusted IP addresses. The setting accepts regular expression to set advanced IP ranges. This is useful in a case when Prometheus IP address is dynamic.

36 Likes

What is the correct format of _REGEX in the app.yml file?

Is this correct?

  DISCOURSE_PROMETHEUS_TRUSTED_IP_ALLOWLIST_REGEX: "(35.247.25.222|34.83.69.98|35.192.150.184)"

I’m will be attempting to list all IP’s used by grafana.com for scraping (https://grafana.com/api/hosted-grafana/source-ips.txt)

1 Like

Looks more or less right. You may want to escape .s though and add ^ and $

1 Like

I probably should have added that it doesn’t work…

I have tried adding my machine’s IP address and it cannot access the metrics without logging into Discourse.

I take your point about the escaping the dot. In this case the regex will only be supplied with IP addresses, so escaping the dot doesn’t change the result but does make it harder to read. Also, grafana.com use up to 100 IP’s to pull data so this line might become too long…

1 Like

Seems that $ is being escaped in the translation from containers/<container>.conf to the container environment.

Container config:

  ## Allowed IPs for Prometheus metrics
  DISCOURSE_PROMETHEUS_TRUSTED_IP_ALLOWLIST_REGEX: "^10.20.20.5$"

Container environment.

declare -x DISCOURSE_PROMETHEUS_TRUSTED_IP_ALLOWLIST_REGEX="^10.20.20.5\$"
2 Likes

Are there any steps that need to be adjusted for using the multiple container setup that splites out redis/postgres in to data and the rest in to web_only? I’ve only added the plugin to the web_only container config.

I have the official dashboard set up in grafana and Redis RSS and Postgres Size are both N/A.

Container CPU usage and Container Memory Usage are No data but that might be from missing cadvisor on the host?

My yaml:

  - job_name: 'discourse_prometheus'
    scrape_interval: 1s
    metrics_path: /metrics
    scheme: https
    static_configs:
      - targets: ['<redact>:443']

That seems correct - bash needs the $ to be escaped.

1 Like

Not necessarily, but I guess it depends on what you are using to do the regex comparison.

#!/usr/bin/env bash

TARGET="10.20.20.5"
TARGET2="10.20.20.50"

if [[ "^10.20.20.5$" =~ $TARGET ]]; then
        echo "TARGET Matched Non-escaped"
fi

if [[ "^10.20.20.5\$" =~ $TARGET ]]; then
        echo "TARGET Matched escaped"
fi


if [[ "^10.20.20.5$" =~ $TARGET2 ]]; then
        echo "TARGET2 Matched Non-escaped"
fi

if [[ "^10.20.20.5\$" =~ $TARGET2 ]]; then
        echo "TARGET2 Matched escaped"
fi
+ TARGET=10.20.20.5
+ TARGET2=10.20.20.50
+ [[ ^10.20.20.5$ =~ 10.20.20.5 ]]
+ echo 'TARGET Matched Non-escaped'
TARGET Matched Non-escaped
+ [[ ^10.20.20.5$ =~ 10.20.20.5 ]]
+ echo 'TARGET Matched escaped'
TARGET Matched escaped
+ [[ ^10.20.20.5$ =~ 10.20.20.50 ]]
+ [[ ^10.20.20.5$ =~ 10.20.20.50 ]]

Native Grafana IP white-list import for easier use of the Prometheus plugin:

Is this still on the table as this would make it much easier for people to use the plugin without setting up an own server and use Grafana’s SAAS solution out of the box?