Kuma facilitates consistent traffic metrics across all dataplanes in your mesh.
A user can enable traffic metrics by editing a Mesh resource and providing the desired Mesh-wide configuration. If necessary, metrics configuration can be customized for each Dataplane individually, e.g. to override the default metrics port that might be already in use on that particular machine.
Out-of-the-box, Kuma provides full integration with Prometheus:
- if enabled, every dataplane will expose its metrics in Prometheus format
- furthermore, Kuma will make sure that Prometheus can automatically find every dataplane in the mesh
To collect metrics from Kuma, you need to first expose metrics from Dataplanes and then configure Prometheus to collect them.
```yaml
apiVersion: kuma.io/v1alpha1
kind: Mesh
metadata:
  name: default
spec:
  metrics:
    enabledBackend: prometheus-1
    backends:
    - name: prometheus-1
      type: prometheus
      conf:
        skipMTLS: false
        port: 5670
        path: /metrics
        tags: # tags that can be referred in Traffic Permission when metrics are secured by mTLS
          kuma.io/service: dataplane-metrics
```
```yaml
type: Mesh
name: default
metrics:
  enabledBackend: prometheus-1
  backends:
  - name: prometheus-1
    type: prometheus
    conf:
      skipMTLS: true # by default, metrics are also protected by mTLS. Scraping metrics with mTLS without transparent proxy is not supported at the moment.
```
which is a convenient shortcut for
```yaml
type: Mesh
name: default
metrics:
  enabledBackend: prometheus-1
  backends:
  - name: prometheus-1
    type: prometheus
    conf:
      skipMTLS: true
      port: 5670
      path: /metrics
      tags: # tags that can be referred in Traffic Permission when metrics are secured by mTLS
        kuma.io/service: dataplane-metrics
```
Both snippets above instruct Kuma to configure every dataplane in the default mesh to expose an HTTP endpoint with Prometheus metrics on port 5670 and URI path /metrics.
Although dataplane metrics are now exposed, Prometheus doesn't know anything about them just yet.
To help Prometheus automatically discover dataplanes, Kuma provides a tool: kuma-prometheus-sd.
kuma-prometheus-sd is meant to run alongside a Prometheus instance.
It knows where the Kuma Control Plane is and can fetch an up-to-date list of dataplanes from it.
It then transforms that information into a format that Prometheus can understand, and saves it into a file on disk.
Prometheus watches for changes to that file and updates its scraping configuration accordingly.
Use kumactl install metrics | kubectl apply -f - to deploy configured Prometheus with Grafana.
Kuma lets you expose Dataplane metrics in a secure way by leveraging mTLS. Prometheus needs to be a part of the Mesh for this feature to work, which is the default deployment model when kumactl install metrics is used on Kubernetes.
Make sure that mTLS is enabled in the Mesh.
```yaml
apiVersion: kuma.io/v1alpha1
kind: Mesh
metadata:
  name: default
spec:
  mtls:
    enabledBackend: ca-1
    backends:
    - name: ca-1
      type: builtin
  metrics:
    enabledBackend: prometheus-1
    backends:
    - name: prometheus-1
      type: prometheus
      conf:
        port: 5670
        path: /metrics
        skipMTLS: false
        tags: # tags that can be referred in Traffic Permission
          kuma.io/service: dataplane-metrics
```
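The Mesh snippets above differ in whether the metrics endpoint ends up covered by mTLS. The following check is an added example, not part of the Kuma documentation or tooling: it takes Mesh resources already parsed into dicts and reports which ones serve metrics without mTLS. The function name, status strings and sample mesh names are assumptions made for illustration.

```python
# Added example: audit Kuma Mesh resources for metrics endpoints not covered by mTLS.
# Input is a Mesh resource already parsed into a dict (YAML or JSON parser of your choice).

def audit_mesh_metrics(resource):
    """Return (mesh_name, status, detail) for one Mesh resource."""
    # Kubernetes-style resources nest settings under "spec"; Universal ones are flat.
    body = resource.get("spec", resource)
    name = resource.get("name") or resource.get("metadata", {}).get("name", "<unnamed>")
    metrics = body.get("metrics") or {}
    enabled = metrics.get("enabledBackend")
    backend = next((b for b in metrics.get("backends") or []
                    if b.get("name") == enabled), None)
    # Assumption: with no matching enabledBackend, metrics are treated as disabled.
    if not enabled or backend is None:
        return (name, "metrics-disabled", "no enabled metrics backend")
    conf = backend.get("conf") or {}
    # 5670 and /metrics are the values the page gives for the short form.
    endpoint = f":{conf.get('port', 5670)}{conf.get('path', '/metrics')}"
    if conf.get("skipMTLS", False):
        return (name, "skip-mtls", f"{endpoint} is served without mTLS (skipMTLS: true)")
    if not (body.get("mtls") or {}).get("enabledBackend"):
        return (name, "mesh-mtls-off",
                f"{endpoint} has skipMTLS: false but the mesh has no mTLS backend enabled")
    return (name, "protected", f"{endpoint} is served over mesh mTLS")


def _metrics(conf):
    """Build the metrics section used by the constructed samples below."""
    return {"enabledBackend": "prometheus-1",
            "backends": [{"name": "prometheus-1", "type": "prometheus", "conf": conf}]}


# Constructed sample resources modelled on the snippets on this page.
SAMPLES = [
    {"type": "Mesh", "name": "universal-short", "metrics": _metrics({"skipMTLS": True})},
    {"kind": "Mesh", "metadata": {"name": "k8s-no-mtls"},
     "spec": {"metrics": _metrics({"skipMTLS": False, "port": 5670, "path": "/metrics"})}},
    {"kind": "Mesh", "metadata": {"name": "k8s-secured"},
     "spec": {"mtls": {"enabledBackend": "ca-1",
                       "backends": [{"name": "ca-1", "type": "builtin"}]},
              "metrics": _metrics({"port": 5670, "path": "/metrics", "skipMTLS": False})}},
    {"type": "Mesh", "name": "no-metrics"},
]

if __name__ == "__main__":
    for mesh in SAMPLES:
        print(*audit_mesh_metrics(mesh), sep=" | ")
```

The `mesh-mtls-off` result is the case that is easy to miss: `skipMTLS: false` only protects the endpoint when the Mesh also has an mTLS backend enabled.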