http panic trying to scrape from localhost:someport (ssh tunnel to the actual idrac)

[joeloplot]

I'm trying to do a quick proof of concept for scraping from an iDrac via a ssh tunnel and portforward.

After I ssh, I can access the iDrac's redfish api at https://127.0.0.1:8443/redfish/v1

which returns me:
{"@odata.context":"/redfish/v1/$metadata#ServiceRoot.ServiceRoot","@odata.id":"/redfish/v1","@odata.type":"#ServiceRoot.v1_5_2.ServiceRoot","AccountService":{"@odata.id":"/redfish/v1/AccountService"},"CertificateService":{"@odata.id":"/redfish/v1/CertificateService"},"Chassis":{"@odata.id":"/redfish/v1/Chassis"},"Description":"Root Service","EventService":{"@odata.id":"/redfish/v1/EventService"},"Fabrics":{"@odata.id":"/redfish/v1/Fabrics"},"Id":"RootService","JobService":{"@odata.id":"/redfish/v1/JobService"},"JsonSchemas":{"@odata.id":"/redfish/v1/JsonSchemas"},"Links":{"Sessions":{"@odata.id":"/redfish/v1/SessionService/Sessions"}},"Managers":{"@odata.id":"/redfish/v1/Managers"},"Name":"Root Service","Oem":{"Dell":{"@odata.context":"/redfish/v1/$metadata#DellServiceRoot.DellServiceRoot","@odata.type":"#DellServiceRoot.v1_0_0.DellServiceRoot","IsBranded":1,"ManagerMACAddress":"2c:ea:7f:52:28:76","ServiceTag":"1LH5Q53"}},"Product":"Integrated Remote Access Controller","ProtocolFeaturesSupported":{"ExcerptQuery":false,"ExpandQuery":{"ExpandAll":true,"Levels":true,"Links":true,"MaxLevels":1,"NoLinks":true},"FilterQuery":true,"OnlyMemberQuery":true,"SelectQuery":true},"RedfishVersion":"1.6.0","Registries":{"@odata.id":"/redfish/v1/Registries"},"SessionService":{"@odata.id":"/redfish/v1/SessionService"},"Systems":{"@odata.id":"/redfish/v1/Systems"},"Tasks":{"@odata.id":"/redfish/v1/TaskService"},"TelemetryService":{"@odata.id":"/redfish/v1/TelemetryService"},"UpdateService":{"@odata.id":"/redfish/v1/UpdateService"},"Vendor":" "}
so I am confident the iDrac is working and that the ssh tunnel works.

However, when I try to access this port with idrac_exporter, I get the following error, consistently:

goroutine 14 [running]:
net/http.(*conn).serve.func1()
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/net/http/server.go:1854 +0xb0
panic({0x1047f48c0, 0x104b306c0})
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/runtime/panic.go:890 +0x258
github.com/mrlhansen/idrac_exporter/internal/config.(*RootConfig).GetHostCfg(0x104b422e0, {0x1400002c6a4, 0xe})
	/Users/joel.bernstein/go/pkg/mod/github.com/mrlhansen/idrac_exporter@v0.0.0-20230611094054-4368efa6f3c2/internal/config/config.go:44 +0x148
github.com/mrlhansen/idrac_exporter/internal/collector.GetCollector({0x1400002c6a4, 0xe})
	/Users/joel.bernstein/go/pkg/mod/github.com/mrlhansen/idrac_exporter@v0.0.0-20230611094054-4368efa6f3c2/internal/collector/collector.go:328 +0x224
main.MetricsHandler({0x104876d70, 0x140001a42a0}, 0x14000196700)
	/Users/joel.bernstein/go/pkg/mod/github.com/mrlhansen/idrac_exporter@v0.0.0-20230611094054-4368efa6f3c2/cmd/idrac_exporter/handler.go:40 +0xe8
net/http.HandlerFunc.ServeHTTP(0x14000104ad8?, {0x104876d70?, 0x140001a42a0?}, 0x10?)
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/net/http/server.go:2122 +0x38
net/http.(*ServeMux).ServeHTTP(0x1400002c69d?, {0x104876d70, 0x140001a42a0}, 0x14000196700)
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/net/http/server.go:2500 +0x140
net/http.serverHandler.ServeHTTP({0x1400018ec30?}, {0x104876d70, 0x140001a42a0}, 0x14000196700)
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/net/http/server.go:2936 +0x2d8
net/http.(*conn).serve(0x1400019a510, {0x104877120, 0x14000212540})
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/net/http/server.go:1995 +0x560
created by net/http.(*Server).Serve
	/opt/homebrew/Cellar/go/1.20.4/libexec/src/net/http/server.go:3089 +0x520

I've configured the login credentials in idrac.yml

I've tested both with a version pulled with go install and a locally built one, both on local machine or in docker.
What am I doing wrong?

[joeloplot]

I guess it's the use of host:port rather than just host? Would this be difficult to fix?

[mrlhansen]

A couple of questions:

• Do you call the iDRAC exporter using ?target=127.0.0.1:8443 ?
• What do you have in the configuration file under hosts ?

[joeloplot]

Yes, that’s how I call it. I tried simply configuring with default.

…

On 13. Jun 2023, at 10:56, Martin Hansen ***@***.***> wrote: A couple of questions: Do you call the iDRAC exporter using ?target=127.0.0.1:8443 ? What do you have in the configuration file under hosts ? — Reply to this email directly, view it on GitHub <#27 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/A7DMX4HDPIEATMCOFC3APHTXLATLBANCNFSM6AAAAAAZDVD4KI>. You are receiving this because you authored the thread.

-- <http://holoplot.com/?utm_source=email&utm_medium=sg&utm_campaign=Holoplot_Signature+> *HOLOPLOT GmbH - Headquarters* Ringbahnstr. 12 (10-14) / A2 12099 Berlin, Germany +49 (0) 30 40745812 *HOLOPLOT GmbH - Manufacturing* Alboinstr. 17-23 / Hall 12 12103 Berlin, Germany +49 (0) 30 959988740 www.holoplot.com <https://holoplot.com/> Follow us on <https://www.facebook.com/OriginalHOLOPLOT/?utm_source=email&utm_medium=sg&utm_campaign=Holoplot_Signature+> LinkedIn <https://www.linkedin.com/company/holoplot-gmbh?utm_source=email&utm_medium=sg&utm_campaign=Holoplot_Signature+>. Roman Sick – CEO | HRB183974B, Register Court Charlottenburg, Germany | EU Tax-Registration No. DE277000701 This e-mail contains confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the information in this e-mail is strictly forbidden.

[mrlhansen]

That is strange, it works for me. If I start a tunnel using:

ssh -N -L 8443:idrac-ip:443 remote-server

and call:

curl localhost:9348/metrics?target=127.0.0.1:8443

with the following config:

address: 127.0.0.1
port: 9348
timeout: 10
retries: 2
hosts:
  default:
    username: myuser
    password: mypassword
metrics:
  system: true
  sensors: true
  power: true
  sel: false
  storage: false
  memory: false

Then everything works.

[joeloplot]

That is odd. I will try to see whether I can reproduce this again. Thanks for investigating, I hope it’s not a waste of your time

…

On 13. Jun 2023, at 11:23, Martin Hansen ***@***.***> wrote: That is strange, it works for me. If I start a tunnel using: ssh -N -L 8443:idrac-ip:443 remote-server and call: curl localhost:9348/metrics?target=127.0.0.1:8443 with the following config: address: 127.0.0.1 port: 9348 timeout: 10 retries: 2 hosts: default: username: myuser password: mypassword metrics: system: true sensors: true power: true sel: false storage: false memory: false Then everything works. — Reply to this email directly, view it on GitHub <#27 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/A7DMX4FXSQYXEXGX222WSNTXLAWQFANCNFSM6AAAAAAZDVD4KI>. You are receiving this because you authored the thread.

-- <http://holoplot.com/?utm_source=email&utm_medium=sg&utm_campaign=Holoplot_Signature+> *HOLOPLOT GmbH - Headquarters* Ringbahnstr. 12 (10-14) / A2 12099 Berlin, Germany +49 (0) 30 40745812 *HOLOPLOT GmbH - Manufacturing* Alboinstr. 17-23 / Hall 12 12103 Berlin, Germany +49 (0) 30 959988740 www.holoplot.com <https://holoplot.com/> Follow us on <https://www.facebook.com/OriginalHOLOPLOT/?utm_source=email&utm_medium=sg&utm_campaign=Holoplot_Signature+> LinkedIn <https://www.linkedin.com/company/holoplot-gmbh?utm_source=email&utm_medium=sg&utm_campaign=Holoplot_Signature+>. Roman Sick – CEO | HRB183974B, Register Court Charlottenburg, Germany | EU Tax-Registration No. DE277000701 This e-mail contains confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the information in this e-mail is strictly forbidden.