Project

General

Profile

Actions

Task #6810

open

Add a wireguard prometheus exporter to our infrastructure

Added by Nico Schottelius over 2 years ago. Updated over 2 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
06/08/2019
Due date:
% Done:

0%

Estimated time:
PM Check date:
06/09/2019

Description

Parse output from wg show and make it available for prometheus

  • Export "up" vpns
  • Export received/sent traffic
  • Export latest handshake
Actions #1

Updated by Jason Kim over 2 years ago

  • PM Check date set to 06/09/2019
Actions #2

Updated by Evil Ham over 2 years ago

This sounds more interesting to me than "IPv6 is down", but:

Nico Schottelius wrote:

Parse output from wg show and make it available for prometheus

  • Export "up" vpns

I must assume this means a count? Aka: how many peers are defined? how many are up?
Prometheus docs advise against using "per-client" (in this case per-vpn) labels as that can badly kill performance.

  • Export received/sent traffic
  • Export latest handshake

Easily doable from:

wg show all dump

From man wg:

If dump is specified, then several lines are printed; the
first contains in order separated by tab: private-key, public-
key, listen-port, fwmark. Subsequent lines are printed for each
peer and contain in order separated by tab: public-key,
preshared-key, endpoint, allowed-ips, latest-handshake,
transfer-rx, transfer-tx, persistent-keepalive.

Actions #3

Updated by Nico Schottelius over 2 years ago

Re per-client: I see the "prometheus problem" - however it would be very interesting to see which client uses how much traffic / in out, which would help a lot for load balancing (i.e. move clients xyz to vpnserver A)

I wonder if there is a "nice" solution to this

Actions #5

Updated by Nico Schottelius over 2 years ago

  • Subject changed from Create a wireguard prometheus exporter to Add a wireguard prometheus exporter to our infrastructure

Thanks for the hint Evilham!

Actions

Also available in: Atom PDF