Details
-
Improvement
-
Status: Done
-
Medium
-
Resolution: Fixed
-
None
-
None
-
3
-
Yes
-
Yes
-
Yes
-
C/S Core
Description
User story
As a PMM user, I want to be able to specify a custom password for accessing metrics from exporters, so that I can simplify additional data collection by external Prometheus
UI/UX:
pmm-admin add ... --agent-password='mypass' ..
Acceptance criteria
- User able to specify a custom password for BAsic Auth used to access the metrics endpoint
- metrics collection for PMM works the same as with the current passwords schema (agent Id)
- custom password exposed in Inventory UI/API so the user is able to differentiate between custom and standard passwords
Out of scope:
- validation for custom password
- setting a password for HAProxy monitoring or External Services monitoring
Suggested implementation:
1. Add a new flag to all commands in pmm-admin
2. Extend API
3. In pmm-managed add migration. Store and select new pass from DB and pass it to pmm-agent
4. Add tests
How to test:
1. Run PMM server.
2. Run MySQL, ProxySQL, MongoDB and PostgreSQL.
3. Add all of them by pmm-admin command add with flag --agent-password which setup new password for endpoint /metrics instead agent ID. User is still pmm.
4. Check that everyting is working properly.
5. Check /metrics endpoint for all exporters and log in with new password.
Details:
Should be tested for all services
UPD. Agent password shouldn't be exposed on UI
