Skip to main content

Prometheus

Reading time: 0 minute(s) (0 words)

Prometheus is an open-source software application used for event monitoring and alerting. It records real-time metrics in a time series database built using an HTTP pull model, with flexible query language and real-time alerting.

Scope of Support​

Currently, Prometheus integration supports Agent configuration only.

Authentication​

Prometheus does not provide an authentication layer, the Nobl9 Agent only collects the URL for the Prometheus integration definition. Authentication is up to the user. Operators are expected to run an authenticating reverse proxy in front of their services, such as NGINX using basic auth or an OAuth2 proxy.

URL​

Prometheus Agent makes requests to Range Queries | Prometheus Documentation API endpoint in the form /api/v1/query_range. For example:

GET /api/v1/query_range
POST /api/v1/query_range

Hence, do not include the above API path in the URL. Specify only the base URL for the Prometheus server. For example, if your Prometheus server is available under <http://prometheus.example.com> and you access API via <http://prometheus.example.com/api/v1>, use only <http://prometheus.example.com>.

Other APIs or Web UIs have similar path endings, which should also be omitted, for example, the /graph part of the path.

The Prometheus integration does not integrate directly with data exposed from services in the Prometheus Format | Prometheus Documentation, usually under /metrics path. Do not set the URL to metrics exposed directly from such a service.

Authenticating Prometheus Agent with the basic_auth Proxy​

Since Prometheus does not provide an authentication layer, the authentication method is up to the users. Normally, Loki's users are expected to run an authenticating reverse proxy in front of their services, such as NGINX using basic_auth proxy.

If that's the method you use, the Nobl9 Agent version equal to or higher than 0.40.0, allows you to send an additional Authorization request header with the basic_auth. Refer to the section below for more details.

Authenticating Prometheus Agent with the bearer_token Method​

You can also choose to authenticate the Nobl9 Prometheus Agent with bearer_token. If you choose this method, you need to specify the variables for AUTH_METHOD and BEARER_TOKEN when deploying your Prometheus agent in Docker or Kubernetes. Refer to the section below for more details.

Adding Prometheus as a Data Source in the UI​

To add Prometheus as a data source in Nobl9 using the Agent connection method, follow these steps:

  1. Navigate to Integrations > Sources.
  2. Click the button.
  3. Click the relevant Source icon.
  4. Choose a relevant connection method (Agent or Direct), then configure the source as described below.

Prometheus Agent​

Agent Configuration in the UI​

Follow the instructions below to create your Prometheus Agent connection:

  1. Add the URL to connect to your data source (mandatory).
    Refer to the Authentication section for more details.
  1. Select a Project.
    Specifying a Project is helpful when multiple users are spread across multiple teams or projects. When the Project field is left blank then object is assigned to project default.
  2. Enter a Display Name.
    You can enter a friendly name with spaces in this field.
  3. Enter a Name.
    The name is mandatory and can only contain lowercase, alphanumeric characters and dashes (for example, my-project-name). This field is populated automatically when you enter a display name, but you can edit the result.
  4. Enter a Description.
    Here you can add details such as who is responsible for the integration (team/owner) and the purpose of creating it.
  5. Customize the Query delay to set a customized delay for queries when pulling the data from the data source.
    • The default value for query delay is 0 seconds
    info
    Changing the Query delay may affect your SLI data. For more details, check the Query delay documentation.
    caution
    Query Delay is only available in Beta Agent/Direct release channels.

    Note that if you’re already using Agent in the Beta version, you’ll see the option to configure Query Delay in the UI - however, in order for Query Delay to work, your Agent needs to run at least this version: 0.65.0-beta09.

    Contact Nobl9 Support to activate this feature.
  6. Enter a Maximum Period for Historical Data Retrieval.
    • This value defines how far back in the past your data will be retrieved.
    • The value for the Maximum period of data retrieval depends on the Source. Check the Replay documentation for details.
    • Entering a more extended Period might slow down the loading time when creating an SLO.
      • The value must be a positive integer.
  7. Enter a Default Period for Historical Data Retrieval.
    • It is the Period that will be used by the SLO connected to this data source.
    • The value must be a positive integer or 0.
    • By default, this value is set to 0. If you set it to >0, you will create an SLO with Replay.
  8. Click the Add Data Source button.

Agent Using CLI - YAML​

The YAML for setting up an Agent connection to Prometheus looks like this:

apiVersion: n9/v1alpha
kind: Agent
metadata:
  name: prometheus-agent
  displayName: Prometheus Agent # optional
  project: default
spec:
  description: Agent settings for Prometheus datasource # optional
  sourceOf:
    - Metrics
    - Services
  queryDelay:
      unit: Minute # string, one of: Second || Minute
      value: 720 # numeric, must be a number lesser than 1440 minutes (24 hours)
  prometheus:
    url: http://prometheus.example.com
  historicalDataRetrieval:
      maxDuration:
        value: 30 # integer greater than or equal to 0
        unit: Day # accepted values: Minute, Hour, Day
      defaultDuration: # value must be less than or equal to value of maxDuration
        value: 0 # integer greater than or equal to 0
        unit: Day # accepted values: Minute, Hour, Day

Important notes:

Agent specification for Prometheus has one field:

warning

You can deploy only one Agent in one YAML file by using the sloctl apply command.

Deploying Prometheus Agent​

When you add the data source, Nobl9 automatically generates a Kubernetes configuration and a Docker command line for you to use to deploy the Agent. Both of these are available in the web UI, under the Agent Configuration section. Be sure to swap in your credentials.

If you use Kubernetes, you can apply the supplied YAML config file to a Kubernetes cluster to deploy the Agent. It will look something like this:

# DISCLAIMER: This deployment description contains only the fields necessary for the purpose of this demo.
# It is not a ready-to-apply k8s deployment description, and the client_id and client_secret are only exemplary values.

apiVersion: v1
kind: Secret
metadata:
  name: nobl9-agent-nobl9-dev-default-name
  namespace: default
type: Opaque
stringData:
  client_id: "unique_client_id"
  client_secret: "unique_client_secret"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nobl9-agent-nobl9-dev-default-name
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      nobl9-agent-name: "prometheus-agent"
      nobl9-agent-project: "default"
      nobl9-agent-organization: "nobl9-dev"
  template:
    metadata:
      labels:
        nobl9-agent-name: "prometheus-agent"
        nobl9-agent-project: "default"
        nobl9-agent-organization: "nobl9-dev"
    spec:
      containers:
        - name: agent-container
          image: nobl9/agent:latest
          resources:
            requests:
              memory: "350Mi"
              cpu: "0.1"
          env:
            - name: N9_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  key: client_id
                  name: nobl9-agent-nobl9-dev-default-name
            - name: N9_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  key: client_secret
                  name: nobl9-agent-nobl9-dev-default-name
            # The N9_METRICS_PORT is a variable specifying the port to which the /metrics and /health endpoints are exposed.
            # The 9090 is the default value and can be changed.
            # If you don’t want the metrics to be exposed, comment out or delete the N9_METRICS_PORT variable.
            - name: N9_METRICS_PORT
              value: "9090"

Deploying Prometheus Agent with basic_auth Method​

To enable basic_auth for the Agent, you need to pass optional environmental variables to an Agent:

  • AUTH_METHOD: basic_auth - is a fixed value but it must be passed to let know Agent that basic_auth will be used.

    • USERNAME: REDACTED - username for basic_auth.

    • PASSWORD: REDACTED - password for basic_auth.

If you use Kubernetes, you can apply the supplied YAML config file to a Kubernetes cluster to deploy the Agent using basic_auth method. It will look something like this:

# DISCLAIMER: This deployment description contains only the fields necessary for the purpose of this demo.
# It is not a ready-to-apply k8s deployment description, and the client_id and client_secret are only exemplary values.

apiVersion: v1
kind: Secret
metadata:
  name: nobl9-agent-nobl9-dev-stable-prometheus
  namespace: default
type: Opaque
stringData:
  client_id: "REDACTED"
  client_secret: "REDACTED"
  basic_auth_username: "REDACTED"
  basic_auth_password: "REDACTED"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nobl9-agent-nobl9-dev-stable-prometheus
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      nobl9-agent-name: "prometheus"
      nobl9-agent-project: "prometheus"
      nobl9-agent-organization: "nobl9-dev-stable"
  template:
    metadata:
      labels:
        nobl9-agent-name: "prometheus"
        nobl9-agent-project: "prometheus"
        nobl9-agent-organization: "nobl9-dev-stable"
    spec:
      containers:
        - name: agent-container
          image: nobl9/agent:latest
          resources:
            requests:
              memory: "350Mi"
              cpu: "0.1"
          env:
            - name: N9_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  key: client_id
                  name: nobl9-agent-nobl9-dev-stable-prometheus
            - name: N9_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  key: client_secret
                  name: nobl9-agent-nobl9-dev-stable-prometheus
            - name: AUTH_METHOD
              value: "basic_auth"
            - name: USERNAME
              valueFrom:
                secretKeyRef:
                  key: basic_auth_username
                  name: nobl9-agent-nobl9-dev-prometheus-with-basic-auth
            - name: PASSWORD
              valueFrom:
                secretKeyRef:
                  key: basic_auth_password
                  name: nobl9-agent-nobl9-dev-prometheus-with-basic-auth
            # The N9_METRICS_PORT is a variable specifying the port to which the /metrics and /health endpoints are exposed.
            # The 9090 is the default value and can be changed.
            # If you don’t want the metrics to be exposed, comment out or delete the N9_METRICS_PORT variable.
            - name: N9_METRICS_PORT
              value: "9090"

Deploying Prometheus Agent with bearer_token Method​

If you use Kubernetes, you can apply the supplied YAML config file to a Kubernetes cluster to deploy the Agent using bearer_token method. It will look something like this:

# DISCLAIMER: This deployment description contains only the fields necessary for the purpose of this demo.
# It is not a ready-to-apply k8s deployment description, and the client_id and client_secret are only exemplary values.

apiVersion: v1
kind: Secret
metadata:
  name: nobl9-agent-nobl9-dev-stable-prometheus
  namespace: default
type: Opaque
stringData:
  client_id: "REDACTED"
  client_secret: "REDACTED"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nobl9-agent-nobl9-dev-stable-prometheus
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      nobl9-agent-name: "prometheus"
      nobl9-agent-project: "prometheus"
      nobl9-agent-organization: "nobl9-dev-stable"
  template:
    metadata:
      labels:
        nobl9-agent-name: "prometheus"
        nobl9-agent-project: "prometheus"
        nobl9-agent-organization: "nobl9-dev-stable"
    spec:
      containers:
        - name: agent-container
          image: nobl9/agent:latest
          resources:
            requests:
              memory: "350Mi"
              cpu: "0.1"
          env:
            - name: N9_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  key: client_id
                  name: nobl9-agent-nobl9-dev-stable-prometheus
            - name: N9_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  key: client_secret
                  name: nobl9-agent-nobl9-dev-stable-prometheus
            - name: AUTH_METHOD
              value: "bearer_token"
            - name: BEARER_TOKEN
              value: "/path/to/file"
            # The N9_METRICS_PORT is a variable specifying the port to which the /metrics and /health endpoints are exposed.
            # The 9090 is the default value and can be changed.
            # If you don’t want the metrics to be exposed, comment out or delete the N9_METRICS_PORT variable.
            - name: N9_METRICS_PORT
              value: "9090"

Creating SLOs with Prometheus​

Creating SLOs in the UI​

Follow the instructions below to create your SLOs with Prometheus in the UI:

  1. Navigate to Service Level Objectives.

  2. Click the button.

  3. In step 1 of the SLO wizard, select the Service the SLO will be associated with.

  4. In step 2, select Prometheus as the Data Source for your SLO, then specify the Metric. You can choose either a Threshold Metric, where a single time series is evaluated against a threshold or a Ratio Metric, which allows you to enter two time series to compare (for example, a count of good requests and total requests).

    note

    For the Ratio Metric, you can choose the Data Count Method:

    • For the Non-incremental method, we expect it to be the components of the sum.
    • For the Incremental method, we expect the value of a metric to be the current sum of some numerator.

    For more information, refer to the SLO Calculations Guide.

  5. Enter a Query, or Good Query and Total Query for the metric you selected. The following are query examples:

    • Threshold metric for Prometheus:
      Query: myapp_server_requestMsec{host="*",job="nginx"}

    • Ratio metric for Prometheus:
      Good Query: sum(production_http_response_time_seconds_hist_bucket{method=~"GET|POST",status=~"2..|3..",le="1"})

      Total Query: sum(production_http_response_time_seconds_hist_bucket{method=~"GET|POST",le="+Inf"})

  6. In step 3, define a Time Window for the SLO.

  7. In step 4, specify the Error Budget Calculation Method and your Objective(s).

  8. In step 5, add a Name, Description, and other details about your SLO. You can also select Alert Policies and Labels on this screen.

  9. When you’re done, click Create SLO.

SLOs Using Prometheus - YAML samples​

Here’s an example of Prometheus using a rawMetric (Threshold metric):

apiVersion: n9/v1alpha
kind: SLO
metadata:
 displayName: prometheus-calendar-occurrences-threshold
 name: prometheus-calendar-occurrences-threshold
 project: my-prometheus
spec:
 budgetingMethod: Occurrences
 description: ""
 indicator:
   metricSource:
     name: prometheus
 service: my-prometheus-slo
 objectives:
 - target: 0.8
   op: lte
   rawMetric:
     query:
       prometheus:
         promql: myapp_server_requestMsec{host="*",job="nginx"}
   displayName: average
   value: 200
 - target: 0.5
   op: lte
   rawMetric:
     query:
       prometheus:
         promql: myapp_server_requestMsec{host="*",job="nginx"}
   displayName: so-so
   value: 150
  timeWindows:
    - calendar:
        startTime: "2020-11-14 11:00:00"
        timeZone: Etc/UTC
      count: 1
      isRolling: false
      unit: Day

Specification for metric from Prometheus always has one mandatory field:

  • promql – a Prometheus query in the language called PromQL | Prometheus Documentation (Prometheus Query Language) that lets the user select and aggregate time series data in real time.

Querying the Prometheus Server​

The Nobl9 agent leverages the Prometheus API parameters. It pulls data at a per-minute interval from the Prometheus server.

Cortex Support with Nobl9 Prometheus Agent​

Cortex | Cortex Documentation is a database based on Prometheus with compatible API. Therefore, it is possible to use Cortex with the Nobl9 Prometheus Agent.

Cortex cluster setup is out of the scope of this document and is described in the Cortex documentation. Cortex deployment can be simplified with the official Helm chart.

As described in Cortex Architecture | Cortex Documentation, Prometheus API is exposed by the Nginx under default address <http://cortex-nginx/prometheus.> This address can be used as Prometheus URL in the Agent configuration panel. The default Prometheus endpoint can be changed according to the API documentation | Cortex Documentation. In that case, the Agent needs to access the /api/v1/query_range endpoint.

Grafana Cloud Support with Nobl9 Prometheus Agent​

Grafana Cloud is an observability platform that leverages Prometheus by directly interacting with the Prometheus HTTP API | Prometheus Documentation. Therefore, it is possible to use Grafana Cloud solution with the Nobl9 Prometheus Agent.

To use Grafana Cloud with Prometheus, you must authenticate your Prometheus Agent with the basic_auth proxy. Refer to the section above for more details.

As described in Analyzing metrics usage with the Prometheus API | Grafana Cloud Documentation, Prometheus API is exposed through the /api/prom/api/v1/query_range endpoint which is accessed by the Nobl9 agent.

To use Grafana Cloud with Nobl9, you need to append /api/prom/ to the end of the URL you configure your Grafana Source in the UI wizard for a regular Prometheus data integration. Thus, instead of http://HOST/, you need to enter http://HOST/api/prom/ in the Source Creation Wizard.

For more details, check Grafana Cloud Documentation.

Thanos Support with Nobl9 Prometheus Agent​

Thanos is High Availability Prometheus setup and can be used with Nobl9 Prometheus Agent.

Thanos cluster setup is out of the scope of this document and is described in the Thanos Components Documentation.

Thanos exposes Prometheus API using Querier. Querier address must be used as Prometheus URL in Nobl9 Agent configuration.

Other​

Setting up a Prometheus SLO with NOBL9 (video)

Agent Metrics | Nobl9 Documentation

Creating SLOs via Terraform | Nobl9 Terraform Documentation

Creating Agents via Terraform | Nobl9 Terraform Documentation

Last updated on