d506e5d50c
* docs: include OS-specific docker-compose install instructions + minor fixes * Update website/docs/installation/kubernetes.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * Update website/docs/installation/configuration.mdx Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * Update website/docs/installation/configuration.mdx Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * Update configuration.mdx HTTPS description clarification Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * Update certificates.md for more clarity, simpler language Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * Update kubernetes.md . > ; Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * Update configuration.mdx clarifications Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> * bye windows * take old config env vars back out --------- Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> Co-authored-by: Fletcher Heisler <fletcher@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
30 lines
1.4 KiB
Markdown
30 lines
1.4 KiB
Markdown
---
|
|
title: Monitoring
|
|
---
|
|
|
|
authentik can be easily monitored in multiple ways.
|
|
|
|
## Server monitoring
|
|
|
|
Configure your monitoring software to send requests to `/-/health/live/`, which will return a `HTTP 204` response as long as authentik is running. You can also send HTTP requests to `/-/health/ready/`, which will return `HTTP 204` if both PostgreSQL and Redis connections can be/have been established correctly.
|
|
|
|
## Worker monitoring
|
|
|
|
The worker container can be monitored by running `ak healthcheck` in the worker container. This will ping the worker and ensure it can communicate with redis as required.
|
|
|
|
## Outpost monitoring
|
|
|
|
Both kinds of outpost (proxy and LDAP) listen on a separate port (9300) and can be monitored by sending HTTP requests to `/outpost.goauthentik.io/ping`.
|
|
|
|
---
|
|
|
|
Both Docker Compose and Kubernetes deployments use these methods by default to determine when authentik is ready after starting, and to only route traffic to healthy instances; unhealthy instances are restarted.
|
|
|
|
## Metrics
|
|
|
|
Both the core authentik server and any outposts expose Prometheus metrics on a separate port (9300), which can be scraped to gather further insight into authentik's state. The metrics require no authentication, as they are hosted on a separate, non-exposed port by default.
|
|
|
|
You can find an example dashboard here: [grafana.com](https://grafana.com/grafana/dashboards/14837-authentik/)
|
|
|
|
|