All Products
Search
Document Center

Application Real-Time Monitoring Service:Use remote read endpoints and remote write endpoints

Last Updated:Jan 31, 2024

Managed Service for Prometheus of Application Real-Time Monitoring Service (ARMS) provides remote read and remote write endpoints. You can use the endpoints to remotely store monitoring data. This topic describes how to use the remote read and remote write endpoints to write monitoring data from open source Prometheus to Managed Service for Prometheus.

Limits

Remote read and remote write endpoints do not support HTTP/2.

Prerequisites

Prometheus instances are created. For more information, see the following topics:

Step 1: (Optional) Grant the read and write permissions on ARMS to a RAM user

This section describes how to grant the read and write permissions on ARMS to a RAM user within the Alibaba Cloud account that was used to create the Prometheus instance. If you want to use the AccessKey ID and secret of the RAM user to perform remote read and write operations, authorization is required.

  1. Log on to the Resource Access Management (RAM) console with an Alibaba Cloud account.

  2. In the left-side navigation pane, choose Permissions > Grants.

  3. On the Grants page, click Grant Permission.

  4. In the Grant Permission panel, set the Principal parameter to the username of the RAM user to whom you want to grant read and write permissions.

  5. On the System Policy tab in the Select Policy section, enter a policy name in the search box to search for a policy. In the search result, click the policy name to add the policy to the Selected section on the right. Then, click OK.

    ARMS provides two system policies to grant full permissions or read-only permissions. You can select a system policy based on your business requirements.

    • AliyunARMSFullAccess: grants full permissions to RAM users on ARMS. RAM users can view, edit, or delete instances of all sub-services.

    • AliyunARMSReadOnlyAccess: grants read-only permissions to RAM users on ARMS. RAM users can view the instance information of each sub-service, and cannot modify or delete the information.

      Important

      To grant the read-only permissions on all ARMS features to a specific resource group, you must attach the AliyunARMSReadOnlyAccess policy to and grant the ReadTraceApp permission to the resource group. Otherwise, ARMS cannot display the application list that belongs to the authenticated resource group.

Step 2: Obtain the remote read and remote write endpoints

  1. Log on to the ARMS console.
  2. In the left-side navigation pane, choose Prometheus Service > Prometheus Instances.
  3. On the Instances page, select the region where the Prometheus instance that you want to manage is created and click Settings in the Actions column.

  4. On the Settings tab, copy the public or private remote read and remote write endpoints based on your business requirements.

    获取Remote Read和Write

Step 3: Configure open source Prometheus

  1. Install open source Prometheus. For more information, see Prometheus documentation.

  2. Open the Prometheus.yaml configuration file and append the following content to the file. Replace the remote_write and remote_read parameters with the endpoints that you obtained in Step 2. Then, save the file.

    global:
      scrape_interval:     15s
      evaluation_interval: 15s
    scrape_configs:
      - job_name: 'prometheus'
        static_configs:
        - targets: ['localhost:9090']
    remote_write:
      // Set the value to the remote write endpoint that you obtained. 
      - url: "http://ts-xxxxxxxxxxxx.hitsdb.rds.aliyuncs.com:3242/api/prom_write"
        basic_auth:   
          // Set the username and password parameters to the AccessKey ID and AccessKey secret of your Alibaba Cloud account. 
          username: access-key-id
          password: access-key-secret
    remote_read:
      // Set the value to the remote read endpoint that you obtained. 
      - url: "http://ts-xxxxxxxxxxxx.hitsdb.rds.aliyuncs.com:3242/api/prom_read"
        read_recent: true
    Note
    • Managed Service for Prometheus provides public and private remote read and remote write endpoints. For both endpoint types, you must set the username and password parameters.

    • Set the username and password parameters to the AccessKey ID and AccessKey secret of your Alibaba Cloud account. For more information about how to obtain an AccessKey pair, see Obtain an AccessKey pair.

    • This topic also describes how to grant the read and write permissions on ARMS to a RAM user within the Alibaba Cloud account that was used to create the Prometheus instance. If you want to use the AccessKey ID and secret of the RAM user to perform remote read and write operations, authorization is required. For more information, see Step 1.

View the monitoring data of open source Prometheus

After you run open source Prometheus, you can view the monitoring data of open source Prometheus on a Grafana dashboard.

  1. Log on to the ARMS console.
  2. In the left-side navigation pane, choose Prometheus Service > Prometheus Instances.
  3. In the top navigation bar of the ARMS console, select the region where the Prometheus instance to which the monitoring data of open source Prometheus is written resides. Then, click the name of the instance.

  4. On the Dashboards page, click the name of dashboard that you want to view.