This repository provides code for a simple Prometheus metrics exporter
for OpenVPN. Right now it can parse files
generated by OpenVPN's --status
, having one of the following formats:
- Client statistics,
- Server statistics with
--status-version 2
(comma delimited), - Server statistics with
--status-version 3
(tab delimited).
As it is not uncommon to run multiple instances of OpenVPN on a single
system (e.g., multiple servers, multiple clients or a mixture of both),
this exporter can be configured to scrape and export the status of
multiple status files, using the -openvpn.status_paths
command line
flag. Paths need to be comma separated. Metrics for all status files are
exported over TCP port 9176.
Please refer to this utility's main()
function for a full list of
supported command line flags.
For clients status files, the exporter generates metrics that may look like this:
openvpn_client_auth_read_bytes_total{status_path="..."} 3.08854782e+08
openvpn_client_post_compress_bytes_total{status_path="..."} 4.5446864e+07
openvpn_client_post_decompress_bytes_total{status_path="..."} 2.16965355e+08
openvpn_client_pre_compress_bytes_total{status_path="..."} 4.538819e+07
openvpn_client_pre_decompress_bytes_total{status_path="..."} 1.62596168e+08
openvpn_client_tcp_udp_read_bytes_total{status_path="..."} 2.92806201e+08
openvpn_client_tcp_udp_write_bytes_total{status_path="..."} 1.97558969e+08
openvpn_client_tun_tap_read_bytes_total{status_path="..."} 1.53789941e+08
openvpn_client_tun_tap_write_bytes_total{status_path="..."} 3.08764078e+08
openvpn_status_update_time_seconds{status_path="..."} 1.490092749e+09
openvpn_up{status_path="..."} 1
For server status files (both version 2 and 3), the exporter generates metrics that may look like this:
openvpn_server_client_received_bytes_total{common_name="...",connection_time="...",real_address="...",status_path="...",username="...",virtual_address="..."} 139583
openvpn_server_client_sent_bytes_total{common_name="...",connection_time="...",real_address="...",status_path="...",username="...",virtual_address="..."} 710764
openvpn_server_route_last_reference_time_seconds{common_name="...",real_address="...",status_path="...",virtual_address="..."} 1.493018841e+09
openvpn_status_update_time_seconds{status_path="..."} 1.490089154e+09
openvpn_up{status_path="..."} 1
openvpn_server_connected_clients 1
Usage of openvpn_exporter:
-openvpn.status_paths string
Paths at which OpenVPN places its status files. (default "examples/client.status,examples/server2.status,examples/server3.status")
-web.listen-address string
Address to listen on for web interface and telemetry. (default ":9176")
-web.telemetry-path string
Path under which to expose metrics. (default "/metrics")
E.g:
openvpn_exporter -openvpn.status_paths /etc/openvpn/openvpn-status.log
Build the image:
docker build --force-rm=true -t openvpn_exporter .
The final image is around 8MB. A temporary image has been downloaded(Golang) to make the final one. Once built, this temporary image become orphan, you can delete it:
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}")
To use with docker you must mount your status file to /etc/openvpn_exporter/server.status
.
docker run -it -p 9176:9176 -v /path/to/openvpn_server.status:/etc/openvpn_exporter/server.status openvpn_exporter
Metrics should be available on your host IP: http://<host_ip>:9176/metrics. E.g: http://10.39.9.94:9176/metrics
Use the docker image to copy the built binary into a mounted volume
docker run -it -v /local/empty/folder:/volume openvpn_exporter cp openvpn_exporter /volume