From fcfe8203744303532e075f552e9cba2b558201c2 Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Tue, 7 Feb 2023 17:18:44 +0530 Subject: [PATCH 1/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20A?= =?UTF-8?q?dd=20customHeaders=20parameter?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index 4a7a0a4a5..55db761c1 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -23,6 +23,7 @@ triggers: # Optional fields: namespace: example-namespace # for namespaced queries, eg. Thanos cortexOrgID: my-org # Optional. X-Scope-OrgID header for Cortex. + customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Auth-Token=authtoken # Optional. Custom headers to include in query. ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint ``` @@ -36,6 +37,7 @@ triggers: - `activationThreshold` - Target value for activating the scaler. Learn more about activation [here](./../concepts/scaling-deployments.md#activating-and-scaling-thresholds).(Default: `0`, Optional, This value can be a float) - `namespace` - A namespace that should be used for namespaced queries. These are required by some highly available Prometheus setups, such as [Thanos](https://thanos.io). (Optional) - `cortexOrgID` - The `X-Scope-OrgID` header to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional) +- `customHeaders` - Custom headers to include while querying the prometheus endpoint. - `ignoreNullValues` - Value to reporting error when Prometheus target is lost (Values: `true`,`false`, Default: `true`, Optional) - `unsafeSsl` - Used for skipping certificate check e.g: using self signed certs (Values: `true`,`false`, Default: `false`, Optional) From eff1b70a64eef0a5ba197ea84eb6d2d46a94ef22 Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Tue, 7 Feb 2023 19:24:57 +0530 Subject: [PATCH 2/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20A?= =?UTF-8?q?dd=20custom=20auth=20mode=20and=20example?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 56 ++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index 55db761c1..551eb2be7 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -23,7 +23,7 @@ triggers: # Optional fields: namespace: example-namespace # for namespaced queries, eg. Thanos cortexOrgID: my-org # Optional. X-Scope-OrgID header for Cortex. - customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Auth-Token=authtoken # Optional. Custom headers to include in query. + customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Token=oid # Optional. Custom headers to include in query. ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint ``` @@ -62,6 +62,11 @@ You can use `TriggerAuthentication` CRD to configure the authentication. It is p - `cert` - Certificate for client authentication. This is a required field. - `key` - Key for client authentication. Optional. This is a required field. +**Custom authentication:** +- `authModes`: It must contain `custom` in case of Custom Authentication. Specify this in trigger configuration. +- `customAuthHeader`: Custom Authorization Header name to be used. This is required field. +- `customAuthValue`: Custom Authorization Header value. This is required field. + > 💡 **NOTE:**It's also possible to set the CA certificate regardless of the selected `authModes` (also without any authentication). This might be useful if you are using an enterprise CA. ### Example @@ -297,3 +302,52 @@ spec: authenticationRef: name: keda-prom-creds ``` + +Here is an example of a prometheus scaler with Custom Authentication, define the `Secret` and `TriggerAuthentication` as follows + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: keda-prom-secret + namespace: default +data: + customAuthHeader: "X-AUTH-TOKEN" + customAuthValue: "auth-token" +--- +apiVersion: keda.sh/v1alpha1 +kind: TriggerAuthentication +metadata: + name: keda-prom-creds + namespace: default +spec: + secretTargetRef: + - parameter: customAuthHeader + name: keda-prom-secret + key: customAuthHeader + - parameter: customAuthValue + name: keda-prom-secret + key: customAuthValue +--- +apiVersion: keda.sh/v1alpha1 +kind: ScaledObject +metadata: + name: prometheus-scaledobject + namespace: keda + labels: + deploymentName: dummy +spec: + maxReplicaCount: 12 + scaleTargetRef: + name: dummy + triggers: + - type: prometheus + metadata: + serverAddress: http://:9090 + metricName: http_requests_total + threshold: '100' + query: sum(rate(http_requests_total{deployment="my-deployment"}[2m])) + authModes: "custom" + authenticationRef: + name: keda-prom-creds +``` From 77727e6a82eba8aa0fb7865a24691bfcbc92345b Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Wed, 8 Feb 2023 01:29:58 +0530 Subject: [PATCH 3/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20u?= =?UTF-8?q?pdate=20custom=20header=20examples?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index 551eb2be7..7df41f4d1 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -23,7 +23,7 @@ triggers: # Optional fields: namespace: example-namespace # for namespaced queries, eg. Thanos cortexOrgID: my-org # Optional. X-Scope-OrgID header for Cortex. - customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Token=oid # Optional. Custom headers to include in query. + customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Id=oid # Optional. Custom headers to include in query. ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint ``` From f02ffb10e7f707217883e6a9d84bf871482b0e23 Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Wed, 8 Feb 2023 16:03:30 +0530 Subject: [PATCH 4/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20c?= =?UTF-8?q?ustom=20authentication=20related?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index 7df41f4d1..8d2a29799 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -37,13 +37,13 @@ triggers: - `activationThreshold` - Target value for activating the scaler. Learn more about activation [here](./../concepts/scaling-deployments.md#activating-and-scaling-thresholds).(Default: `0`, Optional, This value can be a float) - `namespace` - A namespace that should be used for namespaced queries. These are required by some highly available Prometheus setups, such as [Thanos](https://thanos.io). (Optional) - `cortexOrgID` - The `X-Scope-OrgID` header to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional) -- `customHeaders` - Custom headers to include while querying the prometheus endpoint. +- `customHeaders` - Custom headers to include while querying the prometheus endpoint. In case of authentication headers, use custom authentication or relevant `authModes` instead. (Optional) - `ignoreNullValues` - Value to reporting error when Prometheus target is lost (Values: `true`,`false`, Default: `true`, Optional) - `unsafeSsl` - Used for skipping certificate check e.g: using self signed certs (Values: `true`,`false`, Default: `false`, Optional) ### Authentication Parameters -Prometheus Scaler supports three types of authentication - bearer authentication, basic authentication and TLS authentication. +Prometheus Scaler supports four types of authentication - bearer authentication, basic authentication, TLS authentication and custom authentication. You can use `TriggerAuthentication` CRD to configure the authentication. It is possible to specify multiple authentication types i.e. `authModes: "tls,basic"` Specify `authModes` and other trigger parameters along with secret credentials in `TriggerAuthentication` as mentioned below: From 483f58ce6abaff7aacb774100f3013c25761f71e Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Wed, 22 Feb 2023 20:42:00 +0530 Subject: [PATCH 5/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20c?= =?UTF-8?q?ortexOrgID=20deprecation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index 8d2a29799..c652cfe50 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -22,7 +22,7 @@ triggers: activationThreshold: '5.5' # Optional fields: namespace: example-namespace # for namespaced queries, eg. Thanos - cortexOrgID: my-org # Optional. X-Scope-OrgID header for Cortex. + cortexOrgID: my-org # Deprecated: Use custom headers instead to set X-Scope-OrgID header for Cortex. (see below) customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Id=oid # Optional. Custom headers to include in query. ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint @@ -36,7 +36,7 @@ triggers: - `threshold` - Value to start scaling for. (This value can be a float) - `activationThreshold` - Target value for activating the scaler. Learn more about activation [here](./../concepts/scaling-deployments.md#activating-and-scaling-thresholds).(Default: `0`, Optional, This value can be a float) - `namespace` - A namespace that should be used for namespaced queries. These are required by some highly available Prometheus setups, such as [Thanos](https://thanos.io). (Optional) -- `cortexOrgID` - The `X-Scope-OrgID` header to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional) +- `cortexOrgID` - **Deprecated in favor of `customHeaders`** and will be removed in a future release. Use `customHeaders: X-Scope-OrgID=##` instead to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional) - `customHeaders` - Custom headers to include while querying the prometheus endpoint. In case of authentication headers, use custom authentication or relevant `authModes` instead. (Optional) - `ignoreNullValues` - Value to reporting error when Prometheus target is lost (Values: `true`,`false`, Default: `true`, Optional) - `unsafeSsl` - Used for skipping certificate check e.g: using self signed certs (Values: `true`,`false`, Default: `false`, Optional) From 0c83133975b0cec095ef0734d479c7e18dc60c23 Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Wed, 22 Feb 2023 20:43:15 +0530 Subject: [PATCH 6/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20c?= =?UTF-8?q?ustom=20auth=20info=20in=20custom=20headers?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index c652cfe50..65f4e6fef 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -23,7 +23,7 @@ triggers: # Optional fields: namespace: example-namespace # for namespaced queries, eg. Thanos cortexOrgID: my-org # Deprecated: Use custom headers instead to set X-Scope-OrgID header for Cortex. (see below) - customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Id=oid # Optional. Custom headers to include in query. + customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Id=oid # Optional. Custom headers to include in query. In case of auth header, use the custom authentication or relevant authModes. ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint ``` From 3b714529ee8bec0c370eee4583306dd71c660459 Mon Sep 17 00:00:00 2001 From: Prashant Shahi Date: Sat, 25 Feb 2023 01:40:13 +0530 Subject: [PATCH 7/7] =?UTF-8?q?docs(prometheus-scaler):=20=F0=9F=93=9D=20u?= =?UTF-8?q?pdate=20deprecation=20message=20as=20per=20deprecation=20policy?= =?UTF-8?q?=20in=20kedacore/governance?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Prashant Shahi --- content/docs/2.10/scalers/prometheus.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/docs/2.10/scalers/prometheus.md b/content/docs/2.10/scalers/prometheus.md index 65f4e6fef..708e09e29 100644 --- a/content/docs/2.10/scalers/prometheus.md +++ b/content/docs/2.10/scalers/prometheus.md @@ -22,7 +22,7 @@ triggers: activationThreshold: '5.5' # Optional fields: namespace: example-namespace # for namespaced queries, eg. Thanos - cortexOrgID: my-org # Deprecated: Use custom headers instead to set X-Scope-OrgID header for Cortex. (see below) + cortexOrgID: my-org # DEPRECATED: This parameter is deprecated as of KEDA v2.10 in favor of customHeaders and will be removed in version 2.12. Use custom headers instead to set X-Scope-OrgID header for Cortex. (see below) customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Id=oid # Optional. Custom headers to include in query. In case of auth header, use the custom authentication or relevant authModes. ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint @@ -36,7 +36,7 @@ triggers: - `threshold` - Value to start scaling for. (This value can be a float) - `activationThreshold` - Target value for activating the scaler. Learn more about activation [here](./../concepts/scaling-deployments.md#activating-and-scaling-thresholds).(Default: `0`, Optional, This value can be a float) - `namespace` - A namespace that should be used for namespaced queries. These are required by some highly available Prometheus setups, such as [Thanos](https://thanos.io). (Optional) -- `cortexOrgID` - **Deprecated in favor of `customHeaders`** and will be removed in a future release. Use `customHeaders: X-Scope-OrgID=##` instead to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional) +- `cortexOrgID` - DEPRECATED: This parameter is deprecated as of KEDA v2.10 in favor of `customHeaders` and will be removed in version 2.12. Use `customHeaders: X-Scope-OrgID=##` instead to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional) - `customHeaders` - Custom headers to include while querying the prometheus endpoint. In case of authentication headers, use custom authentication or relevant `authModes` instead. (Optional) - `ignoreNullValues` - Value to reporting error when Prometheus target is lost (Values: `true`,`false`, Default: `true`, Optional) - `unsafeSsl` - Used for skipping certificate check e.g: using self signed certs (Values: `true`,`false`, Default: `false`, Optional)