CL-Softwares
/
telegraf
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: explain proxmox user/token and node_name (#11487)

This commit is contained in:
Joshua Powers 2022-07-12 14:36:10 -06:00 committed by GitHub
parent 19b77ad507
commit a5bc5b5974
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
plugins/inputs/proxmox/README.md
View File

@ -13,7 +13,11 @@ Telegraf minimum version: Telegraf 1.16.0
## API connection configuration. The API token was introduced in Proxmox v6.2. Required permissions for user and token: PVEAuditor role on /. ## API connection configuration. The API token was introduced in Proxmox v6.2. Required permissions for user and token: PVEAuditor role on /.
base_url = "https://localhost:8006/api2/json" base_url = "https://localhost:8006/api2/json"
api_token = "USER@REALM!TOKENID=UUID" api_token = "USER@REALM!TOKENID=UUID"
## Node name, defaults to OS hostname ## Node name, defaults to OS hostname
## Unless Telegraf is on the same host as Proxmox, setting this is required
## for Telegraf to successfully connect to Proxmox. If not on the same host,
## leaving this empty will often lead to a "search domain is not set" error.
# node_name = "" # node_name = ""
## Optional TLS Config ## Optional TLS Config
@ -29,9 +33,26 @@ Telegraf minimum version: Telegraf 1.16.0
### Permissions ### Permissions
The plugin will need to have access to the Proxmox API. An API token must be The plugin will need to have access to the Proxmox API. In Proxmox API tokens
provided with the corresponding user being assigned at least the PVEAuditor role are a subset of the corresponding user. This means an API token cannot execute
on /. commands that the user cannot either.
For Telegraf, an API token and user must be provided with at least the
PVEAuditor role on /. Below is an example of creating a telegraf user and token
and then ensuring the user and token have the correct role:
```s
## Create a influx user with PVEAuditor role
pveum user add influx@pve
pveum acl modify / -role PVEAuditor -user influx@pve
## Create a token with the PVEAuditor role
pveum user token add influx@pve monitoring -privsep 1
pveum acl modify / -role PVEAuditor -token 'influx@pve!monitoring'
```
See this [Proxmox docs example][1] for further details.
[1]: https://pve.proxmox.com/wiki/User_Management#_limited_api_token_for_monitoring
## Metrics ## Metrics

4
plugins/inputs/proxmox/sample.conf
View File

@ -3,7 +3,11 @@
## API connection configuration. The API token was introduced in Proxmox v6.2. Required permissions for user and token: PVEAuditor role on /. ## API connection configuration. The API token was introduced in Proxmox v6.2. Required permissions for user and token: PVEAuditor role on /.
base_url = "https://localhost:8006/api2/json" base_url = "https://localhost:8006/api2/json"
api_token = "USER@REALM!TOKENID=UUID" api_token = "USER@REALM!TOKENID=UUID"
## Node name, defaults to OS hostname ## Node name, defaults to OS hostname
## Unless Telegraf is on the same host as Proxmox, setting this is required
## for Telegraf to successfully connect to Proxmox. If not on the same host,
## leaving this empty will often lead to a "search domain is not set" error.
# node_name = "" # node_name = ""
## Optional TLS Config ## Optional TLS Config