Node-exporter setup with Systemd
For those who aren’t familiar, node-exporter is a Prometheus exporter that exposes hardware and OS metrics from *NIX kernels.
To get it up and running, there’s a simple guide on Prometheus official docs. The issue with the approach is that running node-exporter by executing binary directly isn’t the most reliable approach in a production environment as there’s no way to ensure that the node_exporter process will run continuously.
This is where systemd
comes in. systemd
is an init system and system maanger and comes with a management tool called systemctl
meant for managing processes, checking statuses, configuration and changing system states.
Now let’s look at how we can use it to set up node-exporter on a Linux machine.
First, download the binary from release page. If you are setting node-exporter as part of your bootstrap script, it may be useful to execute the downloading in a subshell (enclose command in ()
) so that you do not have change directory,
Next, create user and group for running node-exporter process. You do not want to run your process as root.
Then, move binary to /usr/local/bin
and change owner of file to the user (node_exporter
) created above.
Now, create a .service
file to running node-exporter process using systemd.
We now perform a reload and start the process.
We can then check to see if process is running properly.
If you see the following error, it could be due to SELinux being enabled.
By default, SELinux doesn’t allow execution of scripts from /tmp
or user’s /home
directory. Even though the binary has been moved to /usr/local/bin
, the context is still /tmp
.
Check if SELinux is enabled
To fix the permission issue, run the following to update the context and restart the service. Node-exporter process should be able to run after this change.
If you are installing node-exporter on an instance using CIS Hardened image, you may encounter issue accessing the /metrics
endpoint. This is due to the iptable rules.
The following snippet will check for existence of required rule that accepts packets from port: 9100
(default port of node-exporter) and add if rule is missing.