Install an External Node Exporter
Video Lecture
Description
Now we will install an external Prometheus Node Exporter on a different server.
sudo apt update
sudo apt install prometheus-node-exporter
Now check the node exporter is running.
sudo service prometheus-node-exporter status
You can stop, start or restart a node exporter using
sudo service prometheus-node-exporter stop
sudo service prometheus-node-exporter start
sudo service prometheus-node-exporter restart
To know which version you have installed, you can type,
prometheus-node-exporter --version
Node exporter will now be running on http://[your domain or IP]:9100/metrics
You can now block port 9100 externally, but leave it open internally for localhost.
And optionally, you can also allow a specific IP address or domain on the internet to access the port.
iptables -A INPUT -p tcp -s IP-ADDRESS-OR-DOMAIN_NAME --dport 9100 -j ACCEPT
iptables -A INPUT -p tcp -s localhost --dport 9100 -j ACCEPT
iptables -A INPUT -p tcp --dport 9100 -j DROP
iptables -L
Warning
iptables settings will be lost in case of system reboot. You will need to reapply them manually,
or
install iptables-persistent
sudo apt install iptables-persistent
This will save your settings into two files called,
/etc/iptables/rules.v4
/etc/iptables/rules.v6
Any changes you make to the iptables configuration won't be auto saved to these persistent files, so if you want to update these files with any changes, then use the commands,
iptables-save > /etc/iptables/rules.v4
iptables-save > /etc/iptables/rules.v6
Add the new scrape config for the new node exporter to the Prometheus configuration YML on your Prometheus server.
sudo nano /etc/prometheus/prometheus.yml
Scroll down to the bottom and add a new scrape target to the existing node job
- job_name: 'node'
static_configs:
- targets: ['localhost:9100']
- targets: ['other-server-ip-or-domain:9100']
Check changes to the config are syntactically correct
promtool check config /etc/prometheus/prometheus.yml
And if OK, then restart the Prometheus service.
sudo service prometheus restart
sudo service prometheus status
If you want to add SSL to the external node exporter you can also use an Nginx reverse proxy and add a path specific for the node exporter.
Example, for a server config you can add a metrics location.
server {
server_name YOUR-DOMAIN-NAME;
... (other typical nginx settings such as ports, ssl cert paths, etc for your website)
location /metrics {
allow REMOTE_IP_ADDRESS_WHICH_IS_ALLOWED_TO_QUERY_THIS_ENDPOINT;
deny all;
proxy_pass http://localhost:9100/metrics;
}
... (other typical nginx settings such as ports, ssl cert paths, etc for your website)
Prometheus 2.31 and Ubuntu 22.04 Notes
In this video, the APT package manager installed promethues-node-exporter
version 0.18.1. The updated APT package manager may install version 1.3.1.
There are no considerable differences to be aware of as shown and discussed in the video in case your APT manage installed the newer promethues-node-exporter
release.