How to collect Juju metrics

See also:

This documents shows how to collect metrics about Juju itself using Prometheus.

It is possible for charmed operators to collect metrics about other charmed operators (see Metric collecting charmed operators ).

Contents:

Connect Juju to Prometheus

Each controller provides an HTTPS endpoint to expose Prometheus metrics. To feed these metrics into Prometheus, you must add a new scrape target to your already installed and running Prometheus instance. For this use case, the only constraint on where Prometheus is running is that the server must be able to contact the controller’s API address/port.

Add authorisation information

The Juju controller’s metrics endpoint requires authorisation, so create a user and password for Prometheus to use:

juju add-user prometheus
juju change-user-password prometheus

When prompted, enter the password twice:

new password: <password>
type new password again: <password>

For the prometheus user to be able to access the metrics endpoint, grant the user read access to the controller model:

juju grant prometheus read controller

Skip validation

Juju serves the metrics over HTTPS, with no option of degrading to HTTP. You can configure your Prometheus instance to skip validation, or enter this to store the controller’s CA certificate in a file for Prometheus to verify the server’s certificate against:

juju controller-config ca-cert > /path/to/juju-ca.crt

Add a scrape target

To add a scrape target to Prometheus, add the following to prometheus.yaml:

scrape_configs:
  job_name: juju
    metrics_path: /introspection/metrics
    scheme: https
    static_configs:
      targets: ['<controller-address>:17070']
    basic_auth:
      username: user-prometheus
      password: <password>
    tls_config:
      ca_file: /path/to/juju-ca.crt

The username syntax in the scrape_configs is important and should contain the user- portion.

I hope that I can use reply to suggest some improvements.

On this page I am missing the minimal version of juju that supports this feature. Would be great to know that.

And some tacking of changes in metrics (if any) over the versions that are released.

Hi,

There are a couple of issues with the suggested scrape_config format:

The tls_config and basic_auth fields should be at the same level as job_name, and the targets entry should be prepended with a hyphen.

The sample below implements those adjustments:

scrape_configs:
  job_name: juju
    metrics_path: /introspection/metrics
    scheme: https
    static_configs:
      - targets: ['<controller-address>:17070']
  basic_auth:
    username: user-prometheus
    password: <password>
  tls_config:
    ca_file: /path/to/juju-ca.crt

Thanks!