Last time we only covered how to install Prometheus, but we didn't cover how to make sure it is always up, nor the firewall rules. The purpose of this series is not just to install Prometheus but to showcase some parts of Linux. For instance, in this one using service definitions and adding basic firewall rules.

Defining services

Ubuntu 16.04

The service definition of your Prometheus.

File path: /etc/systemd/system/prometheus.service

Content:

[Unit] Description=Prometheus Wants=network-online.target After=network-online.target [Service] User=prometheus Group=prometheus Type=simple ExecStart=/usr/local/bin/prometheus \ --config.file /etc/prometheus/prometheus.yml \ --storage.tsdb.path /var/lib/prometheus/ \ --web.console.templates=/etc/prometheus/consoles \ --web.console.libraries=/etc/prometheus/console_libraries [Install] WantedBy=multi-user.target

And for Node Exporter.

File path: /etc/systemd/system/node-exporter.service

[Unit] Description=Node Exporter Requires=network-online.target [Service] User=node_exporter Group=node_exporter Type=simple ExecStart=/usr/local/bin/node_exporter [Install] WantedBy=multi-user.target

Ubuntu 14.04

The service definition of your Prometheus.

File path: /etc/init/prometheus.conf

Content:

description "Prometheus service" # automatically re-spawn for 10 times with 5 seconds interval and then it will not start again respawn respawn limit 10 5 # To start when server boots start on startup # Start the service with prometheus user exec su -c ' /usr/local/bin/prometheus --config.file /etc/prometheus/prometheus.yml --storage.tsdb.path /var/lib/prometheus/ --web.console.templates=/etc/prometheus/consoles --web.console.libraries=/etc/prometheus/console_libraries' prometheus

The service definition of Node Exporter.

File path: /etc/init/node_exporter.conf

Content:

description "node_exporter service" # automatically respawn for 10 times with 5 seconds interval and then it will not start again respawn respawn limit 10 5 # To start when server boots start on startup # Start the service with node_exporter user exec su -c '/usr/bin/node_exporter' node_exporter

Now that the services are defined and hopefully up, we can set the firewall rules:

If you are using Cloud 66 you only need to go to your stack page/networks & settings and then open the Prometheus port (default 9090 ) to your own IP.

Using ufw you need to run:

# For Prometheus sudo ufw allow from <your IP> to any port 9090 # For Node Exporter sudo ufw allow from <Prometheus-server-IP> to any port 9100

Using iptables:

# For Prometheus sudo iptables -I INPUT 1 -s <your-IP> -p tcp --dport 9090 -j ACCEPT # For Node Exporter sudo iptables -I INPUT 1 -s <Prometheus-server-IP> -p tcp --dport 9100 -j ACCEPT

How to find your IP?

In your terminal run (this is really useful for using in scripts):

curl ifconfig.me

or

dig +short myip.opendns.com @resolver1.opendns.com

Or search for "what is my ip" in your browser

Next stop setting up Grafana the beautiful dashboard!

Catch up with Part 1: What's up? DIY Monitoring with Prometheus.