jack/Distributed-Prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 引入 vmauth 鉴权与严格多租户

Browse Source 
- 对外端口统一为 18428(vmauth 入口),VM 不再直接暴露宿主机端口
- 边缘 vmagent 与中央 Prometheus remote_write 增加 basic auth
- 支持 tenants.csv 驱动的 per-tenant 写入/查询隔离,并提供管理员跨租户只读查询
- 更新 Grafana provisioning 与部署/文档

Made-with: Cursor
This commit is contained in:
root
2026-04-22 11:41:13 +00:00
parent ab1515dffb
commit c4825c2d27
21 changed files with 278 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/BEST_PRACTICES.md
View File

@@ -40,14 +40,14 @@
# 开放端口
firewall-cmd --permanent --add-port=3000/tcp # Grafana
firewall-cmd --permanent --add-port=9091/tcp # Prometheus
firewall-cmd --permanent --add-port=8428/tcp # VictoriaMetrics
firewall-cmd --permanent --add-port=18428/tcp # VictoriaMetrics
firewall-cmd --permanent --add-port=9093/tcp # Alertmanager
firewall-cmd --reload
```
**边缘节点**
- 不需要开放端口(只做数据推送)
- 确保可以访问中央服务器 8428 端口
- 确保可以访问中央服务器 18428 端口
#### 网络优化