Only expose /metrics for Fly internal scraper

mathiasn · January 19, 2022, 8:34pm

Hello,
I just added a /metrics endpoint to my app to leverage the prometheus instance of Fly. But I don’t want to expose it publicly.
For Elixir there is a library to bind conditions to a plug (e.g. authentication or whatever can be passed). What’s the best practice way here at Fly to expose a metrics endpoint without exposing it publicly? Thanks.

charsleysa · January 19, 2022, 8:42pm

Hi @mathiasn

A fairly easy way is to expose metrics on a different port that is not exposed publicly in fly.toml, only in the metrics section.
The fly metrics scraper will still be able to access the port and it won’t be publicly accessible.

kikko088 · September 21, 2024, 5:08pm

@charsleysa can you explain your solution? this is my fly.toml

[http_service]
  internal_port = 3000
  force_https = true
  auto_stop_machines = true
  auto_start_machines = true
  min_machines_running = 0
  processes = ["app"]

[metrics]
  port = 3000
  path = "/metrics"
  processes = ["app"]

[env]
  PORT="3000"
  HOSTNAME="0.0.0.0"

the app (nodejs) is serving the metrics using prom-client,

mayailurus · September 22, 2024, 1:15pm

Added metrics

Topic		Replies	Views
Authenticated requests for health_checks and Prometheus Metric Scraping? Questions / Help metrics	7	1209	November 29, 2022
Hide metrics endpoint metrics , proxy	4	53	September 30, 2024
Prometheus endpoint configuration Questions / Help	5	554	March 30, 2022
Prometheus metrics - any way to federate/scrape it? metrics	5	1394	October 7, 2022
Is there a way to get the built-in Prometheus Scraper's ip address? Questions / Help metrics , laravel	1	25	October 1, 2024

Only expose /metrics for Fly internal scraper

Related topics