Prometheus Metrics Exporter📜
Reference Documentation📜
Overview📜
The Neuvector Metrics Exporter needs authentication configured to be able to provide metrics:
- By default (similar to fluent-bit) the built-in
admin
superuser account is fed in to be able to authenticate. - It is strongly encouraged to use a read-only user for the metrics exporter.
Creating a read-only metrics user📜
Neuvector comes configured with a default admin
user, but it is highly encouraged to create a new user with limited permission. A new user can be created manually in the UI via https://neuvector.bigbang.dev/#/settings/users or be created as part of the built in user initialization, which uses /etc/config/userinitcfg.yaml
.
The following example shows creation of a new metrics
user with the built in reader
role and the corresponding configuration to ensure the CTRL_USERNAME
and CTRL_PASSWORD
are configured to utilize the new user.
values:
controller:
secret:
enabled: true
data:
# This configuration is read in at deploy time and users are created.
userinitcfg.yaml:
users:
- username: metrics
password: bb-M3trics
role: reader
fullname: metrics
monitor:
install: true
exporter:
enabled: true
serviceMonitor:
enabled: true
svc:
enabled: true
CTRL_USERNAME: metrics
CTRL_PASSWORD: bb-M3trics