Add use_proxy_dns to bypass local DNS resolution #554
Conversation
Signed-off-by: Pascal Fautré <[email protected]>
Signed-off-by: Pascal Fautré <[email protected]>
|
As indicated this breaks other features, so doesn't make sense. As I've previously stated I'd consider a feature to better test HTTP proxies, but DNS resolution of whatever is passed in with the URL needs to stay inside the blackbox exporter. |
|
I really don't get it why you states it breaks other features. Please reconsider accepting this PR. |
|
The purpose of the blackbox exporter is to test many many replicas of a service, including knowing what it was that you actually tested. If a proxy does resolution we don't know what was tested, and as mentioned before that http proxies are supported at all is because it happens to come from the http library we use - it was never an intended feature of the blackbox exporter. If you need to test things at the far end of a proxy, you can have Prometheus use the proxy_url and put the blackbox exporter on the other side of the proxy. |
|
We are not authorised to install an exporter on the far end of the proxy and the purpose is to test wether the service is working from here. |
|
We can't cover every possible deployment model to work in the easiest way possible I'm afraid, and we end up presuming that there is only one DNS view. Monitoring many many replicas of a service is explicitly the design goal, in this case the idea would be to test that each of multiple proxy servers work for getting to some HTTP fixed endpoint - which isn't supported as noone has proposed a PR/design yet. I believe what I proposed would have caught that particular issue, as Prometheus wouldn't have been able to get to the blackbox exporter.
Unfortunately we can't help with problems arising due to internal policies/politics, as otherwise that becomes a general argument for everything. |
|
Could we have additional opinions about this PR or are you the sole contributor to have a voice for this repository ? |
|
I'm the sole maintainer of this repo, per our governance you can bring it up on the developers list. |
|
We also need this and have been monitoring answer since issue #303 ... We have a list of third party providers that we need to monitor, as a breakdown from one of them directly breaks our ability to function. Our instances are hosted on AWS EC2 and all go through a proxy to the 3rd party providers... Any update on this much desired feature? |
|
As I've already indicated this feature as-stated will not be accepted. I'd suggest looking at moving where the exporter runs, or fixing your proxy server to work with IP addresses. |
|
Although it's stated that it won't be implemented, I'd also need this feature. The ugly workaround I'm implementing is creating "fake" DNS records in my internal DNS server so the probe sees they exist and then the probe works as expected |
|
This is frustrating... I also need this feature. |
@brian-brazil can you please elaborate on what exact features will be impacted by this change? Most proxy setups do ACLs based on DNS names because IPs are not constants. |
|
As indicated above, it breaks the ability to see what you talked to. I'll be closing this now, as there's no plans to accept any feature like this. As previously stated I am willing to consider features to allow probing of http proxies. |
Changes picked up from original PR prometheus#554 which was rejected by maintainer.
Changes picked up from original PR prometheus#554 which was rejected by maintainer.
|
We would also be happy about this feature 😞 |
|
@dbluxo that is why there are 552 forks ;) |
|
Like this PR, PR-338 was also rejected. Also with the hint to discuss it on the prometheus developers list. Has anyone tried it yet? |
|
@dbluxo changes in this PR works perfectly fine. |
Addressing issue #553 and possibly #264 .