Comments (1)
ribbybibby
commented on July 18, 2024
I guess you might be able to run the exporter as a sidecar container in the pod and use a shared volume to share the certificates with the exporter: https://kubernetes.io/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume/.
If your certificates are being mounted from secrets in the cluster, you could use the secret prober. In general it's probably better to mount certificates into pods like this anyway, rather than relying on them being in the container filesystem in the pod already.
Another option might be to look for files recursively on the node in the 'merged' directory:
curl "localhost:9219/probe?module=file&target=/var/lib/docker/overlay2/*/merged/**/*.pem"
This might be quite slow and you'd probably need pretty beefy permissions. I suppose you might also struggle to associate the path on disk back to the running pod. You might need to do some fancy label_replace stuff to associate the container id in the path back to a container in a pod.
from ssl_exporter.
Related Issues (20)
- OCSP server check? HOT 3
- Container has runAsNonRoot and image has non-numeric user (ssl), cannot verify user is non-root HOT 1
- go-restful lib in 2.4.1 having CRTICAL vulnerability HOT 1
- Consider defaulting to no modules
- Request for `dry-run` feature
- Consider allowing setting up custom headers on the HTTPS module HOT 3
- Crypto Go :we are a research group to help developers build secure applications.
- X-Prometheus-Scrape-Timeout-Seconds and network latency
- ssl_exporter dont export timestamp to prometheus HOT 2
- How can I custom the resolve IP for tls certificate check ? HOT 2
- The Certificate is revoked, but exporter ssl_ocsp_response_status is Good
- What format is the serial number in? HOT 1
- OCSP status HOT 2
- How can I monitor an IPv6 domain name? HOT 1
- Allow to use remote http\https resources in PEM file module HOT 3
- dnsnames with commas HOT 2
- Update github.com/prometheus/client_golang/prometheus/promhttp to >= 1.11.1 HOT 1
- Is the go.mod file broken? HOT 7
- Is this project still active HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssl_exporter.