Prometheus OpenLDAP Exporter
Export metrics from your OpenLDAP servers to your Prometheus monitoring system.
Prerequisites
You'll need a working OpenLDAP server, and a working Prometheus server. Setup and installation of those is left as an exercise to the reader.
The exporter service is developed and tested using Python 2. The ldaptor requires features in Twisted that have not been ported to Python 3 as of Twisted 16.4.0.
How it Works
The OpenLDAP exporter opens up a new LDAP connection to the OpenLDAP
server each time Prometheus scrapes the exporter. LDAP objects with
the objectClass
of monitorCounterObject
or
monitoredObject
under the cn=Monitor
base are searched
for. Any objects that are found that have data that can be converted
to a floating point number are exported as metrics with the object's
distinguished name as a label.
See the OpenLDAP Manual for more information on how OpenLDAP exposes performance metrics.
Installation
git clone https://github.com/jcollie/openldap_exporter.git
cd openldap_exporter
virtualenv --python=/usr/bin/python2 /opt/openldap_exporter
/opt/openldap_exporter/bin/pip install --requirement requirements.txt
cp openldap_exporter.py /opt/openldap_exporter
cp openldap_exporter.yml /opt/openldap_exporter
vi /opt/openldap_exporter/openldap_exporter.yml
# edit configuration file
cp openldap_exporter.service /etc/systemd/system
systemctl daemon-reload
systemctl enable openldap_exporter
systemctl start openldap_exporter
Docker Build
docker build . -t openldap_exporter
Configuration
OpenLDAP
The OpenLDAP configuration needs to be modified to allow querying the monitoring database over a remote connection. The following command should be run on the OpenLDAP server:
# ldapmodify -Y EXTERNAL -H ldapi:// <<EOF
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=Manager,dc=example,dc=com" read by * none
-
EOF
Replace cn=Manager,dc=example,dc=com
with the distinguished name
of the user that you want to read the metrics with.
Consult the OpenLDAP manual for more information on configuring OpenLDAP access lists.
Exporter
Local Installation
The exporter is configured using command line options:
usage: openldap_exporter [-h] --config CONFIG
Prometheus OpenLDAP exporter
optional arguments:
-h, --help show this help message and exit
--config CONFIG configuration file
The configuration file is a YAML formatted file that looks like this:
---
server: tcp:port=9142
client: tcp:host=127.0.0.1:port=389
binddn: cn=Manager,dc=example,dc=com
bindpw: changeme
Twisted server endpoint specifiers are described here. Twisted client endpoint specifiers are described here.
Docker Installation
docker run -d -v <location of the config>/openldap_exporter.yml:/config/openldap_exporter.yml -p 9142:9142 --net host openldap_exporter
Prometheus
Add a job to your Promethus configuration that looks like the following:
scrape_configs:
- job_name: 'openldap'
scrape_interval: 30s
scrape_timeout: 10s
target_groups:
- targets:
- 'localhost:9142'
Example Output
openldap_up 1
openldap_monitor_counter_object{dn="cn=Max File Descriptors,cn=Connections,cn=Monitor"} 1024.0
openldap_monitor_counter_object{dn="cn=Total,cn=Connections,cn=Monitor"} 1553.0
openldap_monitor_counter_object{dn="cn=Current,cn=Connections,cn=Monitor"} 5.0
openldap_monitor_counter_object{dn="cn=Bytes,cn=Statistics,cn=Monitor"} 57082372.0
openldap_monitor_counter_object{dn="cn=PDU,cn=Statistics,cn=Monitor"} 2243556.0
openldap_monitor_counter_object{dn="cn=Entries,cn=Statistics,cn=Monitor"} 567713.0
openldap_monitor_counter_object{dn="cn=Referrals,cn=Statistics,cn=Monitor"} 0.0
openldap_monitor_counter_object{dn="cn=Read,cn=Waiters,cn=Monitor"} 5.0
openldap_monitor_counter_object{dn="cn=Write,cn=Waiters,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Max,cn=Threads,cn=Monitor"} 16.0
openldap_monitored_object{dn="cn=Max Pending,cn=Threads,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Open,cn=Threads,cn=Monitor"} 9.0
openldap_monitored_object{dn="cn=Starting,cn=Threads,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Active,cn=Threads,cn=Monitor"} 1.0
openldap_monitored_object{dn="cn=Pending,cn=Threads,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Backload,cn=Threads,cn=Monitor"} 1.0
openldap_monitored_object{dn="cn=Uptime,cn=Time,cn=Monitor"} 3351414.0
License
Copyright © 2017 by Jeffrey C. Ollie [email protected]
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
openldap_exporter's People
Forkers
guillaumesmaha mmuehlenhoff tegebe billmoritz magicrobotmonkey jincychacko djvl dev-e imejri elinnore worteksopenldap_exporter's Issues
connection lost before unbind ldap client
Wrong Content-Type: text/html on all responses
When building and running the exporter locally with Docker using the provided commands from the README against an openldap server I get with curl:
> GET / HTTP/1.1
> Host: localhost:9142
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Tue, 21 Aug 2018 12:50:01 GMT
< Content-Length: 153
< Content-Type: text/html; charset=utf-8
< Server: TwistedWeb/16.4.0
<
<html>
<head><title>404 - No Such Resource</title></head>
<body>
<h1>No Such Resource</h1>
<p>No such child resource.</p>
</body>
</html>
Shouldn't the RootPage also output OK
?
> GET /metrics HTTP/1.1
> Host: localhost:9142
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Transfer-Encoding: chunked
< Date: Tue, 21 Aug 2018 12:50:30 GMT
< Content-Type: text/html
< Server: TwistedWeb/16.4.0
<
openldap_monitored_op{dn="cn=Bind,cn=Operations,cn=Monitor"} 10.0
openldap_monitored_op{dn="cn=Unbind,cn=Operations,cn=Monitor"} 8.0
openldap_monitored_op{dn="cn=Search,cn=Operations,cn=Monitor"} 16.0
openldap_monitored_op{dn="cn=Compare,cn=Operations,cn=Monitor"} 0.0
openldap_monitored_op{dn="cn=Modify,cn=Operations,cn=Monitor"} 0.0
openldap_monitored_op{dn="cn=Modrdn,cn=Operations,cn=Monitor"} 0.0
openldap_monitored_op{dn="cn=Add,cn=Operations,cn=Monitor"} 0.0
openldap_monitored_op{dn="cn=Delete,cn=Operations,cn=Monitor"} 0.0
openldap_monitored_op{dn="cn=Abandon,cn=Operations,cn=Monitor"} 0.0
openldap_monitored_op{dn="cn=Extended,cn=Operations,cn=Monitor"} 0.0
openldap_up 1
openldap_monitor_counter_object{dn="cn=Max File Descriptors,cn=Connections,cn=Monitor"} 1024.0
openldap_monitor_counter_object{dn="cn=Total,cn=Connections,cn=Monitor"} 1010.0
openldap_monitor_counter_object{dn="cn=Current,cn=Connections,cn=Monitor"} 1.0
openldap_monitor_counter_object{dn="cn=Bytes,cn=Statistics,cn=Monitor"} 199701.0
openldap_monitor_counter_object{dn="cn=PDU,cn=Statistics,cn=Monitor"} 423.0
openldap_monitor_counter_object{dn="cn=Entries,cn=Statistics,cn=Monitor"} 397.0
openldap_monitor_counter_object{dn="cn=Referrals,cn=Statistics,cn=Monitor"} 0.0
openldap_monitor_counter_object{dn="cn=Read,cn=Waiters,cn=Monitor"} 1.0
openldap_monitor_counter_object{dn="cn=Write,cn=Waiters,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Max,cn=Threads,cn=Monitor"} 16.0
openldap_monitored_object{dn="cn=Max Pending,cn=Threads,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Open,cn=Threads,cn=Monitor"} 3.0
openldap_monitored_object{dn="cn=Starting,cn=Threads,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Active,cn=Threads,cn=Monitor"} 1.0
openldap_monitored_object{dn="cn=Pending,cn=Threads,cn=Monitor"} 0.0
openldap_monitored_object{dn="cn=Backload,cn=Threads,cn=Monitor"} 1.0
openldap_monitored_object{dn="cn=Uptime,cn=Time,cn=Monitor"} 1187.0
For some reasons the self.request.setHeader(b'Content-Type', b'text/plain; charset=utf-8; version=0.0.4')
is ignored. What could be the reason and how to fix?
What's openldap_exporter license?
Hi,
thanks for openldap_exporter
! I couldn't find any license information, under which license is it released?
thanks!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.