Collect Juju metrics

This page covers how to collect metrics about Juju itself using Prometheus.

It is possible for charmed operators to collect metrics about other charmed operators (see Metric collecting charmed operators ).

Page content:

Connecting Juju to Prometheus

Each controller provides an HTTPS endpoint to expose Prometheus metrics. To feed these metrics into Prometheus, you must add a new scrape target to your already installed and running Prometheus instance. For this use case, the only constraint on where Prometheus is running is that the server must be able to contact the controller’s API address/port.

Adding authorisation information

The Juju controller’s metrics endpoint requires authorisation, so create a user and password for Prometheus to use:

juju add-user prometheus
juju change-user-password prometheus

When prompted, enter the password twice:

new password: <password>
type new password again: <password>

For the prometheus user to be able to access the metrics endpoint, grant the user read access to the controller model:

juju grant prometheus read controller

Skip validation

Juju serves the metrics over HTTPS, with no option of degrading to HTTP. You can configure your Prometheus instance to skip validation, or enter this to store the controller’s CA certificate in a file for Prometheus to verify the server’s certificate against:

juju controller-config ca-cert > /path/to/juju-ca.crt

Add a scrape target

To add a scrape target to Prometheus, add the following to prometheus.yaml:

scrape_configs:
  job_name: juju
    metrics_path: /introspection/metrics
    scheme: https
    static_configs:
      targets: ['<controller-address>:17070']
    basic_auth:
      username: user-prometheus
      password: <password>
    tls_config:
      ca_file: /path/to/juju-ca.crt

The username syntax in the scrape_configs is important and should contain the user- portion.


Last updated 20 days ago.