Any way to run this without exposing /metrics publicly?

Question

Any way to run this without exposing /metrics publicly?

SidJain1412 opened this issue 2 years ago · 2 comments

Due to security issues, I don't want my fastAPI app exposing metrics on the same port as the app itself.
Tried exploring some solutions but don't see how this can be achieved, would really appreciate any help!

By the way, really great repo, there's barely anything good out there for observability for FastAPI applications! 🥇

Answer 1 · 2023-06-01T14:24:58.000Z

Hi @SidJain1412

You can skip adding metrics route and start a Prometheus HTTP server on another port as follows:

from prometheus_client import start_http_server

# app.add_route("/metrics", metrics) # don't add the metrics as route

...

if __name__ == "__main__":
    start_http_server(8080) # start Prometheus on 8080 port
    uvicorn.run(app, host="0.0.0.0", port=8000) # FastAPI on 8000 port

Glad to help you 😄.

Answer 2 · 2023-06-06T09:22:47.000Z

Thanks for the reply @blueswen ! I tried this out and it worked 😃
I had to expose port 8080 from docker-compose and the fastapi app dockerfile

Also had to add - targets: ['myapp:8080'] in prometheus/prometheus.yml :static_configs