Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs(prometheus-scaler): 📝 Add customHeaders parameter #1064

Merged
merged 9 commits into from
Feb 27, 2023
Merged

docs(prometheus-scaler): 📝 Add customHeaders parameter #1064

Changes from 5 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
fcfe820
docs(prometheus-scaler): 📝 Add customHeaders parameter
prashant-shahi Feb 7, 2023
eff1b70
docs(prometheus-scaler): 📝 Add custom auth mode and example
prashant-shahi Feb 7, 2023
77727e6
docs(prometheus-scaler): 📝 update custom header examples
prashant-shahi Feb 7, 2023
f02ffb1
docs(prometheus-scaler): 📝 custom authentication related
prashant-shahi Feb 8, 2023
13c046e
Merge branch 'main' into docs/prometheus-headers
prashant-shahi Feb 13, 2023
00d2361
Merge branch 'main' into docs/prometheus-headers
prashant-shahi Feb 22, 2023
483f58c
docs(prometheus-scaler): 📝 cortexOrgID deprecation
prashant-shahi Feb 22, 2023
0c83133
docs(prometheus-scaler): 📝 custom auth info in custom headers
prashant-shahi Feb 22, 2023
3b71452
docs(prometheus-scaler): 📝 update deprecation message as per deprecat…
prashant-shahi Feb 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 57 additions & 1 deletion content/docs/2.10/scalers/prometheus.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ triggers:
# Optional fields:
namespace: example-namespace # for namespaced queries, eg. Thanos
cortexOrgID: my-org # Optional. X-Scope-OrgID header for Cortex.
customHeaders: X-Client-Id=cid,X-Tenant-Id=tid,X-Organization-Id=oid # Optional. Custom headers to include in query.
ignoreNullValues: false # Default is `true`, which means ignoring the empty value list from Prometheus. Set to `false` the scaler will return error when Prometheus target is lost
unsafeSsl: "false" # Default is `false`, Used for skipping certificate check when having self signed certs for Prometheus endpoint
```
Expand All @@ -36,12 +37,13 @@ triggers:
- `activationThreshold` - Target value for activating the scaler. Learn more about activation [here](./../concepts/scaling-deployments.md#activating-and-scaling-thresholds).(Default: `0`, Optional, This value can be a float)
- `namespace` - A namespace that should be used for namespaced queries. These are required by some highly available Prometheus setups, such as [Thanos](https://thanos.io). (Optional)
- `cortexOrgID` - The `X-Scope-OrgID` header to query multi tenant [Cortex](https://cortexmetrics.io/) or [Mimir](https://grafana.com/oss/mimir/). (Optional)
prashant-shahi marked this conversation as resolved.
Show resolved Hide resolved
- `customHeaders` - Custom headers to include while querying the prometheus endpoint. In case of authentication headers, use custom authentication or relevant `authModes` instead. (Optional)
- `ignoreNullValues` - Value to reporting error when Prometheus target is lost (Values: `true`,`false`, Default: `true`, Optional)
- `unsafeSsl` - Used for skipping certificate check e.g: using self signed certs (Values: `true`,`false`, Default: `false`, Optional)

### Authentication Parameters

Prometheus Scaler supports three types of authentication - bearer authentication, basic authentication and TLS authentication.
Prometheus Scaler supports four types of authentication - bearer authentication, basic authentication, TLS authentication and custom authentication.

You can use `TriggerAuthentication` CRD to configure the authentication. It is possible to specify multiple authentication types i.e. `authModes: "tls,basic"` Specify `authModes` and other trigger parameters along with secret credentials in `TriggerAuthentication` as mentioned below:

Expand All @@ -60,6 +62,11 @@ You can use `TriggerAuthentication` CRD to configure the authentication. It is p
- `cert` - Certificate for client authentication. This is a required field.
- `key` - Key for client authentication. Optional. This is a required field.

**Custom authentication:**
- `authModes`: It must contain `custom` in case of Custom Authentication. Specify this in trigger configuration.
- `customAuthHeader`: Custom Authorization Header name to be used. This is required field.
- `customAuthValue`: Custom Authorization Header value. This is required field.

> 💡 **NOTE:**It's also possible to set the CA certificate regardless of the selected `authModes` (also without any authentication). This might be useful if you are using an enterprise CA.

### Example
Expand Down Expand Up @@ -295,3 +302,52 @@ spec:
authenticationRef:
name: keda-prom-creds
```

Here is an example of a prometheus scaler with Custom Authentication, define the `Secret` and `TriggerAuthentication` as follows

```yaml
apiVersion: v1
kind: Secret
metadata:
name: keda-prom-secret
namespace: default
data:
customAuthHeader: "X-AUTH-TOKEN"
customAuthValue: "auth-token"
---
apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
name: keda-prom-creds
namespace: default
spec:
secretTargetRef:
- parameter: customAuthHeader
name: keda-prom-secret
key: customAuthHeader
- parameter: customAuthValue
name: keda-prom-secret
key: customAuthValue
---
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: prometheus-scaledobject
namespace: keda
labels:
deploymentName: dummy
spec:
maxReplicaCount: 12
scaleTargetRef:
name: dummy
triggers:
- type: prometheus
metadata:
serverAddress: http://<prometheus-host>:9090
metricName: http_requests_total
threshold: '100'
query: sum(rate(http_requests_total{deployment="my-deployment"}[2m]))
authModes: "custom"
authenticationRef:
name: keda-prom-creds
```