website/docs: add metrics for monitoring and metrics

closes #4308

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2023-01-04 20:49:35 +01:00
parent 15ec6a9284
commit 1efc7eecbf
No known key found for this signature in database
3 changed files with 30 additions and 0 deletions

Binary file not shown.

After

Width:  |  Height:  |  Size: 456 KiB

View file

@ -0,0 +1,29 @@
---
title: Monitoring
---
authentik can be easily monitored multiple ways.
## Server monitoring
Configure your monitoring software to send requests to `/-/health/live/`, which will return a HTTP 204 response as long as authentik is running. You can also send HTTP requests to `/-/health/ready/`, which will return HTTP 204 if both PostgreSQL and Redis connections can be/have been established correctly.
## Worker monitoring
The worker container can be monitored by running `/lifecycle/ak healthcheck` in the worker container. This will ping the worker and ensure it can communicate with redis as required.
## Outpost monitoring
Both kinds of outpost (proxy and LDAP) listen on a separate port (9300), and can be monitored by sending HTTP requests to `/outpost.goauthentik.io/ping`.
---
Both docker-compose and Kubernetes deployments use these methods by default to determine when authentik is ready after starting, and to only route traffic to healthy instances, and unhealthy instances are restarted
## Metrics
Both the core authentik server and any outposts expose Prometheus metrics on a separate port (9300), which can be scraped to gather further insight into authentik's state. The metrics require no authentication, as they are hosted on a separate, non-exposed port by default.
You can find an example dashboard here: [grafana.com](https://grafana.com/grafana/dashboards/14837-authentik/)
![](./dashboard.png)

View file

@ -23,6 +23,7 @@ module.exports = {
"installation/reverse-proxy",
"installation/automated-install",
"installation/air-gapped",
"installation/monitoring",
],
},
{