Forum Discussion

Altocumulus

Dec 29, 2022

F5 Telmeter to Node Exporter

Hello, I want to stream F5 Telemetry to Node_exporter because node exporter is integrated with Oracle cloud. how ever the node_exporter config accepts only HTTP URLs as we know the F5 endpoint is...

JRahm
Jan 18, 2023
Dropped the ball, raindrop18, sorry about that! So you need to query http://, not https://, because of a limitation in the node_exporter, but you don't want to expose the BIG-IP username/password?

Not sure I can recommend that scenario, but if you wanted to try something (caution: rolling your own crypto is bad) you could send a salted hash in a cookie from a string you choose (not username/password) and then in an iRule on a virtual listening on port 80 with a client-addr requirement of your node_exporter system, have that known string also salted and hashed to compare, and then in the iRule set node as localhost and insert as basic auth your username/password in iRule with your TS endpoint URI...again, this is a bad idea, but it is possible.

JRahm

Admin

Hi raindrop18 , I don't have much exposure to telemetry streaming, but I'll try to point you in the rigth direction.

Are you trying to stream to the Node_exporter or connect to BIG-IP from it?

If the former, can you set the consumer protocol to http?

If that doesn't work, can you use BIG-IP as a proxy and and use a virtual to receive https from TS and then be in the clear on the server side to your collector?

If you can get back to me with more details, I'll ask around internally for help.

raindrop18

Altocumulus

Jan 11, 2023

Thanks, JRham

sorry for the late response, so I am trying to pull the metrics from F5 to node_exporter. I want to use HTTPS since I don't want the user/password to be on the clear test while connecting the F5 and pulling the metrics if I have to use HTTP.

do you have any suggestions?

Eli

JRahm
Admin
Jan 18, 2023
Dropped the ball, raindrop18, sorry about that! So you need to query http://, not https://, because of a limitation in the node_exporter, but you don't want to expose the BIG-IP username/password?

Not sure I can recommend that scenario, but if you wanted to try something (caution: rolling your own crypto is bad) you could send a salted hash in a cookie from a string you choose (not username/password) and then in an iRule on a virtual listening on port 80 with a client-addr requirement of your node_exporter system, have that known string also salted and hashed to compare, and then in the iRule set node as localhost and insert as basic auth your username/password in iRule with your TS endpoint URI...again, this is a bad idea, but it is possible.
- raindrop18
  Altocumulus
  Feb 16, 2023
  Thanks!

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 Telmeter to Node Exporter

Recent Discussions

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Related Content

Export all node list

Insights of F5 Distributed Cloud WAAP Events Export, New Operators and Trends features

Export Virtual Server Configuration in CSV - tmsh cli script

Problem about Export imformation to Excel

Export GTM/DNS Configuration in CSV - tmsh cli script

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS