search

MindFlavor / prometheus_wireguard_exporter

A Prometheus exporter for WireGuard, written in Rust.
https://mindflavor.github.io/prometheus_wireguard_exporter
MIT License
463 stars 49 forks source link

No Metrics shown #86

Closed martinjgrunwald closed 2 years ago

martinjgrunwald commented 2 years ago

I just cannot get the exporter to show me any information about the peers. All i get is this:

# HELP wireguard_sent_bytes_total Bytes sent to the peer
# TYPE wireguard_sent_bytes_total counter

# HELP wireguard_received_bytes_total Bytes received from the peer
# TYPE wireguard_received_bytes_total counter

# HELP wireguard_latest_handshake_seconds Seconds from the last handshake
# TYPE wireguard_latest_handshake_seconds gauge

This is my docker-compose:

version: "3"
services:
  wireguard-exporter:
    image: mindflavor/prometheus-wireguard-exporter:latest
    container_name: wireguard-exporter
    cap_add:
      - NET_ADMIN
    volumes:
      - /etc/localtime:/etc/localtime:ro
    ports:
      - 9586:9586
    command:
      - -a
      - -v
      - -i wg0
    restart: unless-stopped

And this is my wg0.conf:

[Interface]
PrivateKey = XXX
Address = 10.6.0.1/24
ListenPort = 51820
### begin Peer1 ###
[Peer]
PublicKey = XXX
PresharedKey = XXX
AllowedIPs = 10.6.0.2/32
### end Peer1 ###
### begin Peer2 ###
[Peer]
PublicKey = D+F23yYyf0voOydY6WUbeNvs8NGu/PEPFh+SM8Db3kY=
PresharedKey = nKdXvY3mnfbGu7o+VIK9ySTW5u0HhASrSdXMHSfuRUM=
AllowedIPs = 10.6.0.3/32
### end Peer2 ###
...

If I manually type sudo wg show all dump however it does show me information about the peers.

What did I do wrong? 😑

nmcc1212 commented 2 years ago

same

nmcc1212 commented 2 years ago

i enabled verbose mode and got this TRACE prometheus_wireguard_exporter] wg show all dump stderr == Unable to access interface wg0: Operation not permitted

mikafouenski commented 2 years ago

Hello,

If anyone reading this issue, you have to be net host for the exporter to see the wireguard interface.
Also, I found out that when running inside a container with the 3.6.1 version, you need to add the PROMETHEUS_WIREGUARD_EXPORTER_PREPEND_SUDO_ENABLED env var.

My compose:

  prometheus-wireguard-exporter:
    image: mindflavor/prometheus-wireguard-exporter:3.6.1
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    network_mode: host
    environment:
      TZ: Europe/Paris
      PROMETHEUS_WIREGUARD_EXPORTER_PREPEND_SUDO_ENABLED: true
      PROMETHEUS_WIREGUARD_EXPORTER_ADDRESS: 127.0.0.1
      PROMETHEUS_WIREGUARD_EXPORTER_INTERFACES: wg0
      PROMETHEUS_WIREGUARD_EXPORTER_EXPORT_REMOTE_IP_AND_PORT_ENABLED: true
martinjgrunwald commented 2 years ago

Thank you so much! My Problem was both the PROMETHEUS_WIREGUARD_EXPORTER_PREPEND_SUDO_ENABLED env var and the network_mode: host. I guess I never tried these two together.

My compose now looks like this:

version: "3"
services:
  wireguard-exporter:
    image: mindflavor/prometheus-wireguard-exporter:latest
    container_name: wireguard-exporter
    cap_add:
      - NET_ADMIN
    volumes:
      - /etc/localtime:/etc/localtime:ro
    network_mode: host
    environment:
      - TZ=Europe/Berlin
      - PROMETHEUS_WIREGUARD_EXPORTER_PREPEND_SUDO_ENABLED=true
      - PROMETHEUS_WIREGUARD_EXPORTER_INTERFACES=wg0
      - PROMETHEUS_WIREGUARD_EXPORTER_EXPORT_REMOTE_IP_AND_PORT_ENABLED=true
    restart: unless-stopped

edit: syntax highlighting