Uploaded image for project: 'Percona Monitoring and Management'
  1. Percona Monitoring and Management
  2. PMM-7570

Specify Custom Basic Auth password for Agents when adding Services


    • Improvement
    • Status: Done
    • Medium
    • Resolution: Fixed
    • None
    • 2.21.0
    • Inventory
    • None
    • 3
    • Yes
    • Yes
    • [obsolete] C/S Core


      User story
      As a PMM user, I want to be able to specify a custom password for accessing metrics from exporters, so that I can simplify additional data collection by external Prometheus

      pmm-admin add ... --agent-password='mypass' ..

      Acceptance criteria

      • User able to specify a custom password for BAsic Auth used to access the metrics endpoint
      • metrics collection for PMM works the same as with the current passwords schema (agent Id)
      • custom password exposed in Inventory UI/API so the user is able to differentiate between custom and standard passwords

      Out of scope:

      • validation for custom password
      • setting a password for HAProxy monitoring or External Services monitoring 

      Suggested implementation:
      1. Add a new flag to all commands in pmm-admin

      2. Extend API

      3. In pmm-managed add migration. Store and select new pass from DB and pass it to pmm-agent

      4. Add tests


      How to test:

      1. Run PMM server.
      2. Run MySQL, ProxySQL, MongoDB and PostgreSQL.
      3. Add all of them by pmm-admin command add with flag --agent-password which setup new password for endpoint /metrics instead agent ID. User is still pmm.
      4. Check that everyting is working properly.
      5. Check /metrics endpoint for all exporters and log in with new password.



      Should be tested for all services

      UPD. Agent password shouldn't be exposed on UI


        Issue Links



              jiri.ctvrtka Jiří Čtvrtka
              roma.novikov Roma Novikov
              0 Vote for this issue
              5 Start watching this issue



                Smart Checklist